From: Alex Prohorenko
To: freebsd-security@freebsd.org
Subject: Re: BSD chpass (fwd)
Date: 5 Oct 2000 13:25:08 GMT
Organization: Alkar-Teleport News server
Message-ID: <8rhvfk$12ue$2@pandora.alkar.net>
References: <20001004053422.8A3901F19@static.unixfreak.org>

Dima Dorfman wrote:
>> For those not subscribed to bugtraq, it's time to remove the suid bit on
>> chpass.

> Unfortunately it isn't that easy if you're running with securelevel > 0
> since chpass is installed with the schg (system immutable) flag on by
> default. Oh well, guess it's time to reboot some hosts. :-/

I do not see any single problem here.

chflags noschg /usr/bin/chpass
chmod u-s /usr/bin/chpass

Sounds pretty easy, doesn't it?

-- 
Alexander Prohorenko, Alkar Teleport
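
The interaction between the setuid bit, the schg flag and securelevel discussed in this thread, as an added example that is not part of the original message. The function names are hypothetical, the sample inputs are constructed, and the flags column is assumed to be the fifth field of FreeBSD's `ls -lo` output.

```sh
#!/bin/sh
# Added example: decide how the setuid bit can be removed from a file
# that may carry the schg flag, given the running securelevel.

# plan_suid_removal SUID FLAGS LEVEL FILE   (hypothetical helper)
#   SUID  : "yes" if the setuid bit is set, else "no"
#   FLAGS : comma-separated file flags as shown by `ls -lo` ("-" if none)
#   LEVEL : value of the kern.securelevel sysctl
# Prints the commands to run, or why they cannot run yet.
plan_suid_removal() {
    suid=$1 flags=$2 level=$3 file=$4
    if [ "$suid" != yes ]; then
        echo "ok: $file is not setuid"
        return 0
    fi
    case ",$flags," in
    *,schg,*)
        # schg cannot be cleared while securelevel is above 0.
        if [ "$level" -gt 0 ]; then
            echo "blocked: $file has schg and securelevel is $level"
            return 1
        fi
        echo "chflags noschg $file && chmod u-s $file"
        ;;
    *)
        echo "chmod u-s $file"
        ;;
    esac
}

# audit_suid FILE: gather the three inputs on a FreeBSD host.
audit_suid() {
    file=$1
    if [ -u "$file" ]; then suid=yes; else suid=no; fi
    # Assumption: flags are the fifth column of `ls -lo` output.
    flags=$(ls -ldo "$file" | awk '{ print $5 }')
    level=$(sysctl -n kern.securelevel)
    plan_suid_removal "$suid" "$flags" "$level" "$file"
}

# Constructed sample inputs (not output captured from a real host):
plan_suid_removal yes schg 1 /usr/bin/chpass || true
plan_suid_removal yes schg -1 /usr/bin/chpass
plan_suid_removal yes - 1 /usr/bin/chpass
```

On a FreeBSD host, `audit_suid /usr/bin/chpass` collects the real values and prints the matching plan.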