From owner-freebsd-security Sun Apr 19 09:00:39 1998
Date: Sun, 19 Apr 1998 09:54:06 -0600 (MDT)
From: Marc Slemko
To: Niall Smart
cc: freebsd-security@FreeBSD.ORG
Subject: Re: suid/sgid programs
In-Reply-To: <199804191452.PAA00588@indigo.ie>

On Sun, 19 Apr 1998, Niall Smart wrote:

> On Apr 19, 12:26am, "Fernando P. Schapachnik" wrote:
> } Subject: Re: suid/sgid programs
> > In an earlier message Robert Watson wrote:
> > [...]
> > > We note also that a fairly large chunk of suid/sgid programs are UUCP
> > > programs -- something that a majority of FreeBSD users (I would guess?) do
> > > not use. In terms of reducing risk, disabling suid/sgid on these programs
> >
> > Don't be so sure. FreeBSD boxes are an excellent choice for UUCP servers.
> > Actually I have a few running (and planning to install more).
>
> I think the point he was making was that most users don't use UUCP, and
> therefore we shouldn't be shipping UUCP related utilities with set[ug]id
> bits. Presumably if you can configure UUCP you can use chmod.

Erm... that is an extremely poor policy. Figuring out what needs to be
setuid or setgid to what isn't trivial.

I'm not sure what you are trying to save here. What is the real issue if
someone compromises the user or group uucp? I guess that uucico, which is
setgid to dialer, gives them something. If they compromise the uucp uid
then they can mess with the uucp binaries which someone may try to run
sometime for some reason, but I really don't see how it is enough to
warrant shipping broken programs.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
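The thread turns on knowing which installed programs are set-user-id or set-group-id, and to which uid or gid each one grants access, before deciding whether to chmod any of them. The following is an added example, not code from the thread or from FreeBSD: a small POSIX sh audit that lists every set[ug]id regular file under a directory together with its owner and group. It uses only `find`, `ls` and `awk`; the `uucico` and `uucp` file names in the demo are constructed stand-ins created in a temporary directory, not real system binaries.

```shell
#!/bin/sh
# Added example (not from the thread): audit which files under a directory
# carry the set-user-id or set-group-id bit, and which uid/gid each one
# would hand to a caller. Uses only POSIX find, ls and awk.

# list_setid DIR
#   Prints one line per set[ug]id regular file found under DIR:
#     <kind> <owner> <group> <path>
#   where <kind> is setuid, setgid or setuid+setgid.
#   Limitation: a path containing whitespace is reported truncated,
#   because the path is taken from the last ls -l field.
list_setid() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -exec ls -ld {} \; |
    awk '{
        mode = $1
        kind = ""
        # ls -l mode string: char 4 is the owner execute slot (s/S = setuid),
        # char 7 is the group execute slot (s/S = setgid).
        if (substr(mode, 4, 1) ~ /[sS]/) kind = "setuid"
        if (substr(mode, 7, 1) ~ /[sS]/) kind = (kind == "") ? "setgid" : "setuid+setgid"
        printf "%s %s %s %s\n", kind, $3, $4, $NF
    }'
}

# count_setid DIR: number of set[ug]id regular files under DIR (0 when none).
count_setid() {
    list_setid "$1" | awk 'END { print NR }'
}

# Stand-alone demo on a constructed directory; no real system binaries are touched.
demo_dir=$(mktemp -d)
touch "$demo_dir/uucico" "$demo_dir/uucp" "$demo_dir/plain"
chmod 2755 "$demo_dir/uucico"   # constructed: setgid, as uucico is setgid dialer in the thread
chmod 4755 "$demo_dir/uucp"     # constructed: a setuid helper granting the uucp uid
chmod 0755 "$demo_dir/plain"    # no set bits, so it must not be reported
list_setid "$demo_dir"
rm -rf "$demo_dir"
```

Run against a real tree (for example `list_setid /usr/bin`) the output is the worksheet for the decision the thread argues about: each line says exactly which uid or gid a program hands out, so the question of whether a given set bit is needed can be asked per program rather than guessed at.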