From owner-freebsd-security Fri Mar 10 8:15:40 2000 Delivered-To: freebsd-security@freebsd.org Received: from anarcat.dyndns.org (phobos.IRO.UMontreal.CA [132.204.20.20]) by hub.freebsd.org (Postfix) with ESMTP id B220A37BA2D; Fri, 10 Mar 2000 08:15:32 -0800 (PST) (envelope-from spidey@anarcat.dyndns.org) Received: by anarcat.dyndns.org (Postfix, from userid 1000) id C089B1BF5; Fri, 10 Mar 2000 11:16:20 -0500 (EST) From: Spidey MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <14537.8148.396885.574105@anarcat.dyndns.org> Date: Fri, 10 Mar 2000 11:16:20 -0500 (EST) To: asami@FreeBSD.ORG (Satoshi - Ports Wraith - Asami) Cc: Kris Kennaway , security@FreeBSD.ORG, ports@FreeBSD.ORG Subject: Re: cvs commit: ports/games/omega Makefile (fwd) References: X-Mailer: VM 6.72 under 21.1 (patch 8) "Bryce Canyon" XEmacs Lucid Reply-To: beaupran@iro.umontreal.ca Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I have a better idea. Let's make the ports system install the file, with the permissions and standards described in the PLIST file, that could be in a mtree-like format. Even better, this scheme would allow us to do mtree (MD5, etc) checks on 3rd party software after it was installed. I was thinking of enforcing this in /etc/security too for checking the suids... A lot of work to do here.. :)) --- At 00:52 of March 8, Big Brother made Satoshi - Ports Wraith - Asami write: > * From: Kris Kennaway > > * I'm not going to generate a security advisory about this, but reinstall > * this port if you have it. > > Thanks, for catching it. > > * In general, if you have anything installed which is setuid games on a > * multiuser machine, it's a good candidate for removal (games aren't the > * most securely-programmed things): > * > * find /usr/local/bin -user games -perm -4000 > * > * Ports maintainers who own such a file (please check the above!) please > * make the necessary changes to install it setgid games, not setuid foo. > * > * A user who exploits a game binary to get the games group probably can't do > * much apart from alter game score/save files (although this still might be > * a security risk if you can convince the game to somehow execute code you > * put in the file), whereas if they have setuid games they can trojan the > * binary directly for the next user. > > This should not be allowed to happen. Shouldn't all binaries be > installed without write permission? That's the way it is in /usr, > maybe we should mandate it in /usr/local and /usr/X11R6. (Hmm, why > does imake config files want to install stuff with permission *755?) > > Satoshi > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- Si l'image donne l'illusion de savoir C'est que l'adage pretend que pour croire, L'important ne serait que de voir Lofofora To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message