From owner-freebsd-security  Mon May 14 12:26:54 2001
Delivered-To: freebsd-security@freebsd.org
Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20])
	by hub.freebsd.org (Postfix) with ESMTP id E4CC537B440
	for <freebsd-security@FreeBSD.ORG>; Mon, 14 May 2001 12:26:50 -0700 (PDT)
	(envelope-from bright@fw.wintelcom.net)
Received: (from bright@localhost)
	by fw.wintelcom.net (8.10.0/8.10.0) id f4EJQo801983
	for freebsd-security@FreeBSD.ORG; Mon, 14 May 2001 12:26:50 -0700 (PDT)
Date: Mon, 14 May 2001 12:26:50 -0700
From: Alfred Perlstein <bright@wintelcom.net>
To: "'freebsd-security@freebsd.org'" <freebsd-security@FreeBSD.ORG>
Subject: Re: nfs mounts / su / yp
Message-ID: <20010514122650.T18676@fw.wintelcom.net>
References: <20010514200927.A32697@student.uu.se> <Pine.WNT.4.10.10105141416260.-559341@rosencrantz.east.isi.edu> <20010514204259.A33451@student.uu.se> <3B00295D.24643CD7@centtech.com> <3B002E2B.1337F4C9@lmc.ericsson.se>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <3B002E2B.1337F4C9@lmc.ericsson.se>; from Antoine.Beaupre@ericsson.ca on Mon, May 14, 2001 at 03:12:43PM -0400
X-all-your-base: are belong to us.
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

* Antoine Beaupre (LMC) <Antoine.Beaupre@ericsson.ca> [010514 12:20] wrote:
> [cc's trimmed]
> 
> Eric Anderson wrote:
> > 
> > Well, I think the problem is  that a local root should mean only local
> > root access, and su should not allow you to su to non-local users (ie,
> > NIS users).  
> 
> That policy (local-only su) if implemented on a machine, can be
> circumvented when the user gets root access. 
> 
> Heck, the user can even install another system that *doesn't have* that
> policy. 
> 
> > The problem is simply how do you stop root from su'ing to
> > another user?
> 
> You can't. Once the user has root, he can reinstall a complete system,
> bypassing any *local* policy you might have. You can't keep root from
> doing *anything* by definition. I think there has been a few threads
> regarding this on this list. This might be seen as a UNIX design flaw
> but I certainly disagree. Anyways, that is not the issue here. 

FreeBSD has securelevels, while not ideal, if implemented properly
they can limit what root can do.

-- 
-Alfred Perlstein - [alfred@freebsd.org]
http://www.egr.unlv.edu/~slumos/on-netbsd.html

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message