From owner-freebsd-security Sat Sep 25 19:16:56 1999
Delivered-To: freebsd-security@freebsd.org
Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 3ABB914C2B for ; Sat, 25 Sep 1999 19:16:53 -0700 (PDT) (envelope-from wollman@khavrinen.lcs.mit.edu)
Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id WAA02587; Sat, 25 Sep 1999 22:16:52 -0400 (EDT) (envelope-from wollman)
Date: Sat, 25 Sep 1999 22:16:52 -0400 (EDT)
From: Garrett Wollman
Message-Id: <199909260216.WAA02587@khavrinen.lcs.mit.edu>
To: cjclark@home.com
Cc: dillon@apollo.backplane.com (Matthew Dillon), freebsd-security@FreeBSD.ORG
Subject: Re: dump(8) Insecurity/Misconfiguration
In-Reply-To: <199909260203.WAA48170@cc942873-a.ewndsr1.nj.home.com>
References: <199909260034.RAA59356@apollo.backplane.com> <199909260203.WAA48170@cc942873-a.ewndsr1.nj.home.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

< said:

> "Dump cannot do remote backups without being run as root, due to its
> security history. This will be fixed in a later version of FreeBSD.
> Presently, it works if you set it setuid (like it used to be), but this
> might constitute a security risk."

Oof! Really awful language for a manual page. (Manual pages should never use the second person.)

> And I often do dumps to tape drives that are not local.

Kerberos-authenticated remote dumps will still work without special privileges (obviously!). I'm in group operator on my desktop machine so that I can easily perform remote dumps (since nobody here is so stupid as to give root a .rhosts file).

If you care about security, and you are not running Kerberos, you should not be using rdump -- use regular dump and ssh instead. (Well, unless you have trouble with licensing the RSA patent....)

-GAWollman

--
Garrett A. Wollman    | O Siem / We are all family / O Siem / We're all the same
wollman@lcs.mit.edu   | O Siem / The fires of freedom
Opinions not those of | Dance in the burning flame
MIT, LCS, CRS, or NSA | - Susan Aglukark and Chad Irschick

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message