Date: Mon, 4 Jun 2001 22:44:05 -0400 From: Kevin Way <kevin.way@overtone.org> To: Kevin Way <kevin.way@overtone.org> Cc: wkb@freebie.demon.nl, hackers@freebsd.org Subject: Re: speeding up /etc/security Message-ID: <20010604224405.A43677@bean.overtone.org> In-Reply-To: <20010604200828.A41130@bean.overtone.org>; from kevin.way@overtone.org on Mon, Jun 04, 2001 at 08:08:28PM -0400 References: <p05100300b741879b7bc3@[192.168.168.205]> <Pine.LNX.4.21.0106041205070.3177-100000@zeppo.feral.com> <20010604211909.B1112@freebie.demon.nl> <20010604200828.A41130@bean.overtone.org>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --]
> The answer there is 'sort of'. /etc/security checks all ufs partitions
> that aren't marked nosuid. if you're using anything other than UFS
> (e.g. MFS,ext2,whatever), it's not getting checked at all.
i hate to followup to my own message, but in order for the SUID checks to
be accurate, is there a reson we don't do something like the following?
--- security.orig Mon Jun 4 22:26:01 2001
+++ security Mon Jun 4 22:31:47 2001
@@ -69,7 +69,7 @@
# Note that one of the original problems, the possibility of overrunning
# the args to ls, is still here...
#
-MP=`mount -t ufs | grep -v " nosuid" | awk '{ print $3 }' | sort`
+MP=`( mount -t cd9660; mount -t ext2fs; mount -t ffs; mount -t ifs; mount -t lfs; mount -t mfs; mount -t ufs ) | grep -v ' nosuid' | awk '{ print $3 }' | sort` set ${MP}
while [ $# -ge 1 ]; do
mount=$1
-Kevin Way
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org
iD8DBQE7HEd1KxA01iDoLN4RAtgvAKCB8IEZzjJ0NHKNMWEF0yHEYgFR1wCeLGy5
MuGf6b4UvcMMha1qz7HwpWQ=
=SYCQ
-----END PGP SIGNATURE-----
help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010604224405.A43677>