Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 29 Mar 1999 23:45:17 -0800 (PST)
From:      "Rodney W. Grimes" <rgrimes@GndRsh.aac.dev.com>
To:        Harry_M_Leitzell@cmu.edu (Harry M. Leitzell)
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: Curious about 'hoststat'
Message-ID:  <199903300745.XAA11308@GndRsh.aac.dev.com>
In-Reply-To: <Pine.SOL.3.96L.990330015216.2230A-100000@unix8.andrew.cmu.edu> from "Harry M. Leitzell" at "Mar 30, 99 02:02:24 am"
next in thread | previous in thread | raw e-mail | index | archive | help 

> 	Well, I am going through a FreeBSD machine and removing the suid
> bits on programs that have no purpose having them for a simple user host
> machine.  Going through /var/log/setuid.today and changing the permissions
> on the programs seems like a good idea until I got to 'hoststat'.
> 
> -r-sr-xr-x  5 root wheel  290016 Feb 15 05:45:23 1999 /usr/bin/hoststat
> 
> 	I usually go through the man pages for a program that has a suid
> bit by default to make sure no user actually could have a use for it.
> Only this doesn't have a man page.  A keyword search turns up nothing.
> Running it does seemingly nothing.  It intrigues me that a progam could be
> suid 0 by default and not have any documentation on it.  While the
> experienced person might just CVS the source, deduce the meaning of it
> from the code, some of us don't have the experience or time to do so.  I
> was just thinking if there isn't sufficient documentation on the program,
> should it be installed suid 0 by default?

It should have a man page.. but it is documented in
/usr/share/doc/smm/08.sendmailop/.  Which says this
about it:

      1.3.4.  /usr/bin/hoststat

              The hoststat command should just be a link  to
         sendmail, in a fashion similar to newaliases.  This
         command lists the status of the last mail  transac-
         tion with all remote hosts.  It functions only when
         the HostStatusDirectory option is set.


It is a hardlink to /usr/sbin/sendmail, and thus is why it has
suid on it...

-- 
Rod Grimes - KD7CAX - (RWG25)                   rgrimes@gndrsh.aac.dev.com
Accurate Automation, Inc.                   Reliable computers for FreeBSD
http://www.aai.dnsmgr.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199903300745.XAA11308>