Date: Thu, 25 Jan 1996 11:38:47 +0000 (GMT) From: Paul Richards <p.richards@elsevier.co.uk> To: security@FreeBSD.org Subject: bin owned files Message-ID: <199601251138.LAA24328@cadair.elsevier.co.uk>
next in thread | raw e-mail | index | archive | help
I'l summarise all the point against what I said briefly. Getting bin access does not give you root access. As bin you can't touch root files and you can't create a suid root file either. Users can't give away ownership. Therefore, the only way to get root access from bin is to replace, say, /bin/sh with a program that creates a suid root sh *when it is run by root*. If you log in as root and don't realise that there has been a compromise of bin then that is your problem but in and of itself a bin compromise is safer than a root compromise for the reasons I previously explained. All other arguments relate to NFS and I refuse to even discuss NFS in this context. If you crack root anywhere on an NFS system then the whole system is compromised and while making things owned by root makes it a little harder it is no protection. I can masquerade as many other users and find other ways to do what I want. The whole point is, there *was* a root break-in, the fact that it wasn't the actual server box is not an issue. NFS cannot be regarded as a number of separate machines from a security context, a compromise on one is a compromise on them all. -- Paul Richards. Originative Solutions Ltd. Internet: paul@netcraft.co.uk, http://www.netcraft.co.uk Phone: 0370 462071 (Mobile), +44 1225 447500 (work)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199601251138.LAA24328>