Date: Wed, 31 Mar 1999 08:17:09 -0800 From: "Jan B. Koum " <jkb@best.com> To: "Jordan K. Hubbard" <jkh@zippy.cdrom.com>, "Harry M. Leitzell" <Harry_M_Leitzell@cmu.edu> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Curious about 'hoststat' Message-ID: <19990331081709.B11641@best.com> In-Reply-To: <43892.922782773@zippy.cdrom.com>; from Jordan K. Hubbard on Tue, Mar 30, 1999 at 12:32:53AM -0800 References: <Pine.SOL.3.96L.990330015216.2230A-100000@unix8.andrew.cmu.edu> <43892.922782773@zippy.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Mar 30, 1999 at 12:32:53AM -0800, "Jordan K. Hubbard" <jkh@zippy.cdrom.com> wrote: > > Well, I am going through a FreeBSD machine and removing the suid > > bits on programs that have no purpose having them for a simple user host > > machine. Going through /var/log/setuid.today and changing the permissions > > on the programs seems like a good idea until I got to 'hoststat'. > > Look at the inode number - it's the same file as /usr/sbin/sendmail. > It's just there as a convenient hook. > > - Jordan > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message What Jordan said, but now with pictures. nautilus# set I=`ls -li /usr/bin/hoststat|cut -f1 -d" "` nautilus# find / -inum $I -ls 445461 592 -r-sr-xr-x 5 root wheel 290016 Feb 3 21:07 /usr/bin/newaliases 445461 592 -r-sr-xr-x 5 root wheel 290016 Feb 3 21:07 /usr/bin/mailq 445461 592 -r-sr-xr-x 5 root wheel 290016 Feb 3 21:07 /usr/bin/hoststat 445461 592 -r-sr-xr-x 5 root wheel 290016 Feb 3 21:07 /usr/sbin/sendmail 445461 592 -r-sr-xr-x 5 root wheel 290016 Feb 3 21:07 /usr/sbin/purgestat -- Yan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990331081709.B11641>