Date: Sat, 25 Sep 1999 17:34:14 -0700 (PDT)
From: Matthew Dillon <dillon@apollo.backplane.com>
To: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: dump(8) Insecurity/Misconfiguration
Message-ID: <199909260034.RAA59356@apollo.backplane.com>
References: <199909260013.UAA47484@cc942873-a.ewndsr1.nj.home.com>
:When fooling around with dump(8), a couple of things occurred to me
:(these are probably old news, but I want to make sure I don't break
:anything):
:
:1) Since the disk devices in /dev are by default set group
:   readable to operator, any member of operator has access to any
:   files on the disk regardless of any permissions on a directory or
:   file.

    This is because the person who dumps the machine in a large
    installation has access to the operator account, which is in group
    operator. He can't dump the machine if dump can't read the disk
    device! Since nobody is in group operator except operator, this is
    not a security hole.

:2) Will it break anything if I clear the group read bit on the disk
:   devices?

    If you never run dump or you only run it as root, you will not break
    anything by removing the group read bit from the devices.

:3) dump(8) is setgid to group tty. Why?

    This is so dump can write to the terminal of all users in group
    operator, which is normally just root and the operator, when you use
    the -n option.

:4) Can I remove the setgid bit?

    Yes.

:--
:Crist J. Clark cjclark@home.com
:
:
:To Unsubscribe: send mail to majordomo@FreeBSD.org
:with "unsubscribe freebsd-security" in the body of the message
:

					-Matt
					Matthew Dillon
					<dillon@backplane.com>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199909260034.RAA59356>
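As an added example (not from the thread and not FreeBSD's own tooling), a small Python audit for the two points discussed above: whether disk device nodes are group- or world-readable, and whether dump(8) still carries a setgid bit. The sample modes are constructed to model the default and hardened layouts; `audit_path` is a hypothetical helper that runs the same check on a real path via os.stat.

```python
import grp
import os
import stat

# Constructed sample entries: (name, st_mode, owning group), modelling the
# default FreeBSD layout from the thread and the hardened variants.
# 0o020640 = crw-r-----   0o020600 = crw-------
# 0o102555 = -r-xr-sr-x (setgid)   0o100555 = -r-xr-xr-x
SAMPLE = [
    ("/dev/da0s1a (default)", 0o020640, "operator"),
    ("/dev/da0s1a (hardened)", 0o020600, "operator"),
    ("/sbin/dump (default)", 0o102555, "tty"),
    ("/sbin/dump (hardened)", 0o100555, "tty"),
]


def audit_mode(name, st_mode, group):
    """Pure check on a full st_mode value and the owning group name.

    A group-readable block/char device lets every member of that group read
    every file on the filesystem regardless of file permissions (point 1).
    A setgid binary is reported so the reader can decide whether the reason
    for it (dump -n writing to operator terminals) still applies (point 3).
    """
    findings = []
    if stat.S_ISCHR(st_mode) or stat.S_ISBLK(st_mode):
        if st_mode & stat.S_IRGRP:
            findings.append(f"{name}: group '{group}' can read the raw device")
        if st_mode & stat.S_IROTH:
            findings.append(f"{name}: world-readable raw device")
    if st_mode & stat.S_ISGID:
        findings.append(f"{name}: setgid to group '{group}'")
    return findings


def audit_path(path):
    """Audit a real path using os.stat (hypothetical helper; needs no root)."""
    st = os.stat(path)
    return audit_mode(path, st.st_mode, grp.getgrgid(st.st_gid).gr_name)


def audit_sample(entries=SAMPLE):
    """Run the pure check over the constructed entries; returns all findings."""
    return [f for name, mode, group in entries for f in audit_mode(name, mode, group)]


if __name__ == "__main__":
    for finding in audit_sample():
        print(finding)
```

Only the two "default" entries produce findings; the hardened device (no group read) and the non-setgid dump are silent.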