From owner-freebsd-security Mon May 14 12:39: 6 2001 Delivered-To: freebsd-security@freebsd.org Received: from mailg.telia.com (mailg.telia.com [194.22.194.26]) by hub.freebsd.org (Postfix) with ESMTP id 5E44437B423 for ; Mon, 14 May 2001 12:38:59 -0700 (PDT) (envelope-from ertr1013@student.uu.se) Received: from d1o913.telia.com (d1o913.telia.com [195.252.44.241]) by mailg.telia.com (8.11.2/8.11.0) with ESMTP id f4EJcul09943 for ; Mon, 14 May 2001 21:38:57 +0200 (CEST) Received: from ertr1013.student.uu.se (h185n2fls20o913.telia.com [212.181.163.185]) by d1o913.telia.com (8.8.8/8.8.8) with SMTP id VAA10857 for ; Mon, 14 May 2001 21:38:55 +0200 (CEST) Received: (qmail 34225 invoked by uid 1001); 14 May 2001 19:38:54 -0000 Date: Mon, 14 May 2001 21:38:54 +0200 From: Erik Trulsson To: "'freebsd-security@freebsd.org'" Subject: Re: nfs mounts / su / yp Message-ID: <20010514213854.A34209@student.uu.se> Mail-Followup-To: "'freebsd-security@freebsd.org'" References: <20010514200927.A32697@student.uu.se> <20010514204259.A33451@student.uu.se> <3B00295D.24643CD7@centtech.com> <3B002E2B.1337F4C9@lmc.ericsson.se> <20010514122650.T18676@fw.wintelcom.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010514122650.T18676@fw.wintelcom.net>; from bright@wintelcom.net on Mon, May 14, 2001 at 12:26:50PM -0700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, May 14, 2001 at 12:26:50PM -0700, Alfred Perlstein wrote: > * Antoine Beaupre (LMC) [010514 12:20] wrote: > > [cc's trimmed] > > > > Eric Anderson wrote: > > > > > > Well, I think the problem is that a local root should mean only local > > > root access, and su should not allow you to su to non-local users (ie, > > > NIS users). > > > > That policy (local-only su) if implemented on a machine, can be > > circumvented when the user gets root access. > > > > Heck, the user can even install another system that *doesn't have* that > > policy. > > > > > The problem is simply how do you stop root from su'ing to > > > another user? > > > > You can't. Once the user has root, he can reinstall a complete system, > > bypassing any *local* policy you might have. You can't keep root from > > doing *anything* by definition. I think there has been a few threads > > regarding this on this list. This might be seen as a UNIX design flaw > > but I certainly disagree. Anyways, that is not the issue here. > > FreeBSD has securelevels, while not ideal, if implemented properly > they can limit what root can do. Yes, but if users have physical access to the machine they can always reboot into single user mode. In that case securelevels don't help. It is very difficult to secure a machine completely if users have physical access to it. -- Erik Trulsson ertr1013@student.uu.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message