Date: Sat, 26 Jul 2003 19:23:02 +0200
From: "Peter Rosa" <prosa@pro.sk>
To: "FreeBSD Security" <freebsd-security@freebsd.org>
Subject: suid bit files + securing FreeBSD
Message-ID: <00d601c3539a$91576a40$3501a8c0@pro.sk>

Hello everybody,

I'm a newbie on this list, so I don't know if it's the appropriate place for my question. Anyway, I'd be happy to find out the solution.

Please, does anyone have a simple answer for:

I'm looking for an exact list of files, which:
1. MUST have...
2. HAVE FROM BSD INSTALLATION...
3. DO NOT NEED...
4. NEVER MAY...
...the suid-bit set.

Of course, it's no problem to find out which files ALREADY HAVE the suid-bit set. But what files REALLY MUST have it?

I know generalities, e.g. a shell should never have the suid bit set, but what if someone has copied any shell to some other location and has set the suid bit? It's a security hole, isn't it? And what if I have more such files on my machine?

It is not that my machine has been compromised, it is only WHAT IF...

--------------------------------------------

Second question is:

Does anybody have an exact wizard for how to secure the FreeBSD machine? Imagine the situation: the only person who can do anything on that machine is me, and nobody else. I have set very restrictive firewalling, I have removed ALL ttys except two local ttys (I need to work on that machine), but there are still open ports 25 and 53 (must be forever), so someone very tricky can compromise my machine.

I'm a little bit paranoid, aren't I :-)))))))

Cheers,

Peter Rosa
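
Added example, not part of the original message: a POSIX shell function for the "what if" case raised above, which lists set-uid/set-gid files under a tree, compares them with a reviewed baseline file, and flags any whose contents match a known shell. The function name suid_audit, its arguments and the baseline file format are assumptions of this example.

```shell
#!/bin/sh
# suid_audit ROOT BASELINE [SHELLS]   (hypothetical helper, names are assumptions)
#   ROOT      directory tree to scan
#   BASELINE  text file, one approved absolute path per line ('#' starts a comment line)
#   SHELLS    list of shell paths in /etc/shells format (default: /etc/shells)
# Prints one line per finding and returns 1 if anything needs review:
#   SHELL <path> <shell>  set-id file with the same contents as a listed shell
#   NEW <path>            set-id file that is not in the baseline
#   GONE <path>           baseline entry that no longer carries a set-id bit
suid_audit() {
    root=$1 baseline=$2 shells=${3:-/etc/shells}
    [ -r "$shells" ] || shells=/dev/null
    found=$(mktemp) || return 2
    status=0

    # -xdev stays on one filesystem; the two -perm tests work with BSD and GNU find.
    find "$root" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null |
        sort > "$found"

    while IFS= read -r f; do
        is_shell=
        # A set-id copy of a shell is flagged wherever it lives and whatever it is called,
        # even if someone added it to the baseline.
        while IFS= read -r ref; do
            case $ref in ''|\#*) continue ;; esac
            if [ -f "$ref" ] && cmp -s "$f" "$ref"; then
                echo "SHELL $f $ref"; is_shell=1; status=1; break
            fi
        done < "$shells"
        if [ -z "$is_shell" ] && ! grep -Fxq -- "$f" "$baseline"; then
            echo "NEW $f"; status=1
        fi
    done < "$found"

    # Baseline entries that lost their bit, or vanished, are reported as well.
    while IFS= read -r b; do
        case $b in ''|\#*) continue ;; esac
        grep -Fxq -- "$b" "$found" || { echo "GONE $b"; status=1; }
    done < "$baseline"

    rm -f "$found"
    return $status
}
```

Running it as root avoids silently skipping directories the caller cannot read.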