From owner-freebsd-security  Mon Jul 15 07:46:04 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id HAA14418
          for security-outgoing; Mon, 15 Jul 1996 07:46:04 -0700 (PDT)
Received: from dada.kaizen.net (dada.kaizen.net [206.27.236.38])
          by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id HAA14413
          for <freebsd-security@freebsd.org>; Mon, 15 Jul 1996 07:45:59 -0700 (PDT)
Received: from localhost by dada.kaizen.net via SMTP (940816.SGI.8.6.9/940406.SGI.AUTO)
	 id KAA01819; Mon, 15 Jul 1996 10:43:16 -0400
Date: Mon, 15 Jul 1996 10:43:11 -0400 (EDT)
From: Mike Newell <mnewell@kaizen.net>
To: Paul Danckaert <pauld@umbc.edu>
cc: jbhunt <jbhunt@mercury.gaianet.net>, freebsd-security@freebsd.org,
        root@mercury.gaianet.net
Subject: Re: New EXPLOIT located!
In-Reply-To: <Pine.SGI.3.91.960715085258.23456A@umbc7.umbc.edu>
Message-ID: <Pine.SGI.3.92.960715103831.1447A-100000@dada.kaizen.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Mon, 15 Jul 1996, Paul Danckaert wrote:

> The normal policy we use when setting up machines here is to do a find
> for suid and sgid files on the system.  Pick off the essential ones, and
> strip the bits off any others.  Its saved us from several irix and sun
> holes in the past.. and one or two bsd ones now too.

What do you consider "essential ones"?  I realize that a case-by-case
analysis of the pros/cons of what to/not keep SUID would be a book in
itself [:-)], especially since the usefulness of each is dependent on what
the system is being used for.  However it would be nice to know what
utilities *must* be SUID for a baseline system, and especially what
utilities are "safely" SUID and what aren't.

Thanks,

Mike