From owner-freebsd-hackers Sat Feb 8 06:52:24 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id GAA15050 for hackers-outgoing; Sat, 8 Feb 1997 06:52:24 -0800 (PST) Received: from nic.follonett.no (nic.follonett.no [194.198.43.10]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id GAA15028; Sat, 8 Feb 1997 06:52:17 -0800 (PST) Received: (from uucp@localhost) by nic.follonett.no (8.8.5/8.8.3) with UUCP id PAA01479; Sat, 8 Feb 1997 15:50:52 +0100 (MET) Received: from oo7 (oo7.dimaga.com [192.0.0.65]) by dimaga.com (8.7.5/8.7.2) with SMTP id PAA07161; Sat, 8 Feb 1997 15:54:21 +0100 (MET) Message-Id: <3.0.32.19970208155420.00aaf720@dimaga.com> X-Sender: eivind@dimaga.com X-Mailer: Windows Eudora Pro Version 3.0 (32) Date: Sat, 08 Feb 1997 15:54:22 +0100 To: hackers@freebsd.org, current@freebsd.org From: Eivind Eklund Subject: Proposed change to dump/restore Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk The suid capability of dump is only used for remote backups. dump have been known for security holes in the past, and is not a user level program. I propose a change of default mode and owner for this program to -r-sr-x--- root:operator /sbin/dump which will disallow anybody not in the operator group from making backups using dump (which is not too bad a thing, as only members of wheel can access the harddisks directly, which is needed to be able to use dump anyway), and only leave dump vulnerable to attacks from an operator :) Does anybody object to the change? If not, it'll go into 2.1.7 and -current. Eivind Eklund perhaps@yes.no http://maybe.yes.no/perhaps/ eivind@freebsd.org