From owner-freebsd-security  Sun Apr 19 09:00:39 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id JAA07500
          for freebsd-security-outgoing; Sun, 19 Apr 1998 09:00:39 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from scanner.worldgate.com (scanner.worldgate.com [198.161.84.3])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA07472
          for <freebsd-security@freebsd.org>; Sun, 19 Apr 1998 16:00:22 GMT
          (envelope-from marcs@znep.com)
Received: from znep.com (uucp@localhost)
	by scanner.worldgate.com (8.8.7/8.8.7) with UUCP id KAA25129;
	Sun, 19 Apr 1998 10:00:04 -0600 (MDT)
Received: from localhost (marcs@localhost) by alive.znep.com (8.7.5/8.7.3) with SMTP id JAA17385; Sun, 19 Apr 1998 09:54:07 -0600 (MDT)
Date: Sun, 19 Apr 1998 09:54:06 -0600 (MDT)
From: Marc Slemko <marcs@znep.com>
To: Niall Smart <rotel@indigo.ie>
cc: freebsd-security@FreeBSD.ORG
Subject: Re: suid/sgid programs
In-Reply-To: <199804191452.PAA00588@indigo.ie>
Message-ID: <Pine.BSF.3.95.980419094941.16057k-100000@alive.znep.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from QUOTED-PRINTABLE to 8bit by hub.freebsd.org id QAA07474
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk

On Sun, 19 Apr 1998, Niall Smart wrote:

> On Apr 19, 12:26am, "Fernando P. Schapachnik" wrote:
> } Subject: Re: suid/sgid programs
> > En un mensaje anterior Robert Watson escribi˘:
> > [...]
> > > We note also that a fairly large chunk of suid/sgid programs are UUCP
> > > programs -- something that a majority of FreeBSD users (I would guess?) do
> > > not use.  In terms of reducing risk, disabling suid/sgid on these programs
> > 
> > Don't be so sure. FreeBSD boxes are an excellent choice for UUCP servers. 
> > Actually I have a few running (and planning to install more).
> 
> I think the point he was making was that most users don't use UUCP, and
> therefore we shouldn't be shipping UUCP related utilities with set[ug]id
> bits.  Presumably if you can configure UUCP you can use chmod.

Erm... that is an extremely poor policy.  Figuring out what needs to be
setuid or setgid to what isn't trivial.  I'm not sure what you are trying
to save here.  What is the real issue if someone compromises the user or
group uucp?  I guess that uucico, which is setgid to dialer, gives them
something.  If they compromise the uucp uid then they can mess with the
uuucp binaries which someone may try to run sometime for some reason, but
I really don't see how it is enough to warrant shipping broken programs. 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message