Date: Thu, 28 Mar 2002 21:55:52 -0500 (EST)
From: Garrett Wollman <wollman@lcs.mit.edu>
To: "Crist J. Clark" <cjc@FreeBSD.ORG>
Cc: security@FreeBSD.ORG
Subject: Re: make world and setuid bits
Message-ID: <200203290255.g2T2tqi09556@khavrinen.lcs.mit.edu>
In-Reply-To: <20020328174304.L97841@blossom.cjclark.org>
References: <20020328121850.D97841@blossom.cjclark.org> <20020328161518.R5333-100000@walter> <20020328174304.L97841@blossom.cjclark.org>

<<On Thu, 28 Mar 2002 17:43:04 -0800, "Crist J. Clark" <cjc@FreeBSD.ORG> said:

> Some sites may use this policy, but I would never like it. It requires
> direct logins as root.

It may make some sense in limited circumstances. For example, my
Kerberos KDC has only one interactive user (root), does not support
network login (duh!), and is locked in a box in one of my machine
rooms. *Any* escalation of privilege on that machine represents a
serious security problem.

> passwd(1), at(1), crontab(1), login(1), su(1), some or most of those
> would be required for almost any multiuser installation.

Actually, only passwd is required for most users. People who are not
administrators have no need for at, crontab, or su, and the only
process which normally runs login is getty.

-GAWollman

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200203290255.g2T2tqi09556>
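
One way to check a host against the kind of policy discussed in this message, where only an agreed list of binaries (here just passwd) keeps the setuid bit. This is an added example, not part of the original e-mail; the function names `audit_setuid` and `demo_audit`, the allowlist format, and the constructed file tree are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original message): report set-user-ID files
# that are not on a site allowlist.

# audit_setuid ROOT ALLOWLIST
#   ROOT       directory tree to scan (does not cross filesystems)
#   ALLOWLIST  permitted paths as find prints them, one per line;
#              '#' starts a comment
# Prints one line per unexpected setuid file; returns 1 if any were found.
# Assumes file names contain no newlines.
audit_setuid() {
    root=$1
    allow=$2
    # Strip comments, trailing blanks and empty lines from the allowlist.
    allowed=$(sed -e 's/#.*//' -e 's/[[:space:]]*$//' -e '/^$/d' "$allow")
    # -perm -4000 matches regular files with the setuid bit set.
    find "$root" -xdev -type f -perm -4000 -print 2>/dev/null | sort | (
        rc=0
        while IFS= read -r path; do
            # -F -x: exact whole-line match, no regex interpretation.
            if ! printf '%s\n' "$allowed" | grep -Fxq -- "$path"; then
                printf 'unexpected setuid: %s\n' "$path"
                rc=1
            fi
        done
        exit "$rc"
    )
}

# Constructed demonstration tree: empty files we own with the setuid bit
# set, standing in for /usr/bin. Nothing here touches the real system.
demo_audit() {
    d=$(mktemp -d) || return 2
    mkdir -p "$d/usr/bin"
    for f in passwd at crontab su ls; do
        : > "$d/usr/bin/$f"
        chmod 0555 "$d/usr/bin/$f"
    done
    (cd "$d/usr/bin" && chmod 4555 passwd at crontab su)
    # Allowlist for the policy in the message: only passwd keeps the bit.
    printf '# permitted setuid binaries\nusr/bin/passwd\n' > "$d/allow"
    (cd "$d" && audit_setuid usr allow) && rc=0 || rc=$?
    rm -rf "$d"
    return "$rc"
}
```

Run against a real tree, the allowlist would hold absolute paths, and a non-zero exit status after an upgrade or rebuild flags binaries that regained the bit.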