From owner-cvs-all Wed Jan 16 8:37:45 2002 Delivered-To: cvs-all@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id 8E1FE37B405; Wed, 16 Jan 2002 08:37:25 -0800 (PST) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.6/8.11.2) id g0GGbCa29120; Wed, 16 Jan 2002 18:37:12 +0200 (EET) (envelope-from ru) Date: Wed, 16 Jan 2002 18:37:12 +0200 From: Ruslan Ermilov To: Joerg Wunsch , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Cc: arch@FreeBSD.org Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c src/etc/mtree BSD.local.dist BSD.usr.dist BSD.x11-4.dist BSD.x11.dist Message-ID: <20020116183712.G13904@sunbay.com> References: <20020116132917.K78030@wantadilla.lemis.com> <20020116154210.A74132@uriah.heep.sax.de> <20020116174352.C13904@sunbay.com> <20020116171144.C18043@uriah.heep.sax.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020116171144.C18043@uriah.heep.sax.de> User-Agent: Mutt/1.3.23i Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Jan 16, 2002 at 05:11:44PM +0100, Joerg Wunsch wrote: > As Ruslan Ermilov wrote: > > > All you need to do is to change the ownership on catpages holding > > directories back to ``man'', and install man(1) setuid ``man''. > > ...until the next "make installworld". That's why i'm asking for > a knob in /etc/make.conf. setuidperl can get its suid bit `sticky' > by the same way. > Hmm, can't you live with a custom gnu/usr.bin/man/man/Makefile? :-) > > But because it was proven to be insecure in many ways (the most > > important leak is a customized environment), I don't like the idea > > of even putting the required knobs back to src/. > > But all that can be compromised is user "man", isn't it? I don't > care much about this. > Not user "man", but the contents of the system manpages. Try this: ln -s /usr/bin/true /tmp/troff rm /usr/share/man/cat1/cat.1* /usr/bin/env GROFF_BIN_PATH=/tmp man 1 cat > Get me right, it's OK by me to put a big warning above that knob > into /etc/defaults/make.conf. But for sites less concerned about > security (like my home computer), compromising the "man" account > by the only other user on my machine (that's my wife :) isn't > anything i would care much about. Even though the machine is > pretty fast, i prefer the cached catpages for efficiency. (setuid > root binaries are a totally different matter, since they might > always serve as a target by a potential intruder. But i don't > think such an intruder would gain much by breaking a setuid man > man(1), and then replace all my catpages. ;-) > OK, what do others think about this? > > > I hope man(1) > > > is smart enough to handle that situation, and would reformat > > > the more recent man source instead of displaying the stale > > > catpage then. > > > Yes, man(1) handles this. > > OK, fine. > > > Also, catman(1) doesn't re-catman > > the entire tree by default: > > I know, this was one of Wolfram's design goals when he rewrote > it. ;-) > > -- > cheers, J"org .-.-. --... ...-- -.. . DL8DTL > > http://www.sax.de/~joerg/ NIC: JW11-RIPE > Never trust an operating system you don't have sources for. ;-) -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message