Date: Fri, 15 Jun 2001 17:38:37 -0700 From: Dima Dorfman <dima@unixfreak.org> To: Brad Huntting <huntting@glarp.com> Cc: freebsd-gnats-submit@FreeBSD.org, security@freebsd.org Subject: Re: misc/28188: Cron is being started to early in /etc/rc (potential security hole) Message-ID: <20010616003838.0564A3E28@bazooka.unixfreak.org> In-Reply-To: <200106152257.f5FMvkC67939@freefall.freebsd.org>; from huntting@glarp.com on "Fri, 15 Jun 2001 15:57:46 -0700 (PDT)"
next in thread | previous in thread | raw e-mail | index | archive | help
Brad Huntting <huntting@glarp.com> writes: > >Description: > Cron allows users to run jobs at boot time by specifying "@reboot". > While this is a very usefull feature, it is also a potential security > hole if these jobs are started before the kern.securelevel level is > raised. This is a general problem; cron just makes it easy to take advantage of. The problem is that the securelevel is raised as late as possible; it is the last thing to happen in /etc/rc in -stable, and second to last in -current (background fsck's are started after it). The real solution[1] is to move the setting of securelevel up, above the starting of most of the non-essential daemons (e.g., sshd, cron, et al). Anyone from -security care to comment on the feasibility of this? Any reason why it isn't already done like this? OpenBSD sets it quite early, FWIW. Thanks, Dima Dorfman dima@unixfreak.org [1] Actually, the real solution is to axe the entire concept of securelevel. Of course, this won't be done until a suitable replacement is available (e.g., MAC). To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010616003838.0564A3E28>