From owner-freebsd-security Fri Oct 6 6:24:12 2000 Delivered-To: freebsd-security@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 5FC6037B66D for ; Fri, 6 Oct 2000 06:24:09 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id JAA64042; Fri, 6 Oct 2000 09:24:05 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Fri, 6 Oct 2000 09:24:05 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Cy Schubert - ITSD Open Systems Group Cc: Hank Leininger , freebsd-security@FreeBSD.ORG Subject: Re: BSD chpass (fwd) In-Reply-To: <200010061302.e96D2k345593@cwsys.cwsent.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 6 Oct 2000, Cy Schubert - ITSD Open Systems Group wrote: > Wouldn't setting schg on every binary and every config file on the > system and running at securelevel 2 be equally effective? Then again > there's the possibility of a bug in the system that would allow any > attacker to reduce the securelevel. So once again were faced with your > first point as the only solution. You also have to set schg on directories, as recent changes in the kernel cause it to agressively search /boot and other locations for configuration files that may not exist by default. Either you need to create all of them and schg them, or schg the directories to prevent the creation of these files. The agressiveness of the kernel in searching out files, especially loadable kernel modules, these days is quite astounding, and probably one strong reason when schg on files will now never be sufficient. Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message