From owner-freebsd-hackers  Fri Nov 15 20:57:22 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id UAA11431
          for hackers-outgoing; Fri, 15 Nov 1996 20:57:22 -0800 (PST)
Received: from genesis.atrad.adelaide.edu.au (genesis.atrad.adelaide.edu.au [129.127.96.120])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id UAA11425;
          Fri, 15 Nov 1996 20:57:12 -0800 (PST)
Received: (from msmith@localhost) by genesis.atrad.adelaide.edu.au (8.8.2/8.7.3) id PAA10718; Sat, 16 Nov 1996 15:27:08 +1030 (CST)
From: Michael Smith <msmith@atrad.adelaide.edu.au>
Message-Id: <199611160457.PAA10718@genesis.atrad.adelaide.edu.au>
Subject: Re: Q: system specific binaries
In-Reply-To: <199611151543.KAA01199@dyson.iquest.net> from "John S. Dyson" at "Nov 15, 96 10:43:10 am"
To: dyson@FreeBSD.org
Date: Sat, 16 Nov 1996 15:27:07 +1030 (CST)
Cc: rob@xs1.simplex.nl, hackers@FreeBSD.org
X-Mailer: ELM [version 2.4ME+ PL28 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-hackers@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

John S. Dyson stands accused of saying:
> > 
> > If this is too easy to break, is there perhaps a way to specify
> > from which directories binaries may be executed ?

look at /sys/kern/imgact* for starters.  Depending on what you're actually
worried about, you might want to look at the source for the shells,
perl, tcl, remove the debugger (gdb) etc.

> Perhaps, formulate a system whereby the flags bits on a file are used
> in some way...  Note that I am not talking about the "protection" bits,
> but there is another group of interesting things called flags bits that
> can be placed only under the control of the kernel.  Just a thought.
> 
> (Perhaps an "annoint" command???)

A "secure" flag, only settable by root and cleared when the file is
written to might be vaguely useful.  It might give a false sense of
confidence though.

> John

-- 
]] Mike Smith, Software Engineer        msmith@gsoft.com.au             [[
]] Genesis Software                     genesis@gsoft.com.au            [[
]] High-speed data acquisition and      (GSM mobile)     0411-222-496   [[
]] realtime instrument control.         (ph)          +61-8-8267-3493   [[
]] Unix hardware collector.             "Where are your PEZ?" The Tick  [[