From owner-freebsd-stable  Mon Dec 27  5:52:10 1999
Delivered-To: freebsd-stable@freebsd.org
Received: from dorifer.heim3.tu-clausthal.de (dorifer.heim3.tu-clausthal.de [139.174.243.252])
	by hub.freebsd.org (Postfix) with ESMTP id 4AC3D152DE
	for <freebsd-stable@FreeBSD.ORG>; Mon, 27 Dec 1999 05:52:06 -0800 (PST)
	(envelope-from olli@dorifer.heim3.tu-clausthal.de)
Received: (from olli@localhost)
	by dorifer.heim3.tu-clausthal.de (8.8.8/8.8.8) id OAA21293
	for freebsd-stable@FreeBSD.ORG; Mon, 27 Dec 1999 14:52:05 +0100 (CET)
	(envelope-from olli)
Date: Mon, 27 Dec 1999 14:52:05 +0100 (CET)
From: Oliver Fromme <olli@dorifer.heim3.tu-clausthal.de>
Message-Id: <199912271352.OAA21293@dorifer.heim3.tu-clausthal.de>
To: freebsd-stable@FreeBSD.ORG
Subject: Re: Huge differences in suid programs ?
Organization: Administration TU Clausthal
Reply-To: freebsd-stable@FreeBSD.ORG
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
X-Newsreader: TIN [version 1.2 RZTUC(3) PL2]
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In list.freebsd-stable you wrote (27 Dec 1999 14:38:00 +0100):
 > 	I cvsuped 3 machines and did a make worlds on the yesterday. I got HUGE
 > 	differences on the suid files in the security report this morning:
 > [...]
 > 	Whats going on here?

Well, a "make world" will also replace all s{u,g}id binaries in
{/usr,}/{s,}bin, i.e. the time stamps and (possibly) the sizes
of the files change, so the daily security script will report
about all of them.  That's normal.

If you're paranoid, you should run /etc/security right after a
"make world" (or "make installworld") to update the system's
information about s{u,g}id binaries.  If the daily security
script still reports changes the next time, then you have a
_real_ reason to worry.  ;-)

(Maybe this should be added to the "make world" chapter in the
handbook...)

Regards
   Oliver

-- 
Oliver Fromme, Leibnizstr. 18/61, 38678 Clausthal, Germany
(Info: finger userinfo:olli@dorifer.heim3.tu-clausthal.de)

"In jedem Stück Kohle wartet ein Diamant auf seine Geburt"
                                         (Terry Pratchett)


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message