Date: Mon, 28 Jul 1997 18:30:28 -0400 (EDT) From: "Matthew N. Dodd" <winter@jurai.net> To: Vincent Poy <vince@mail.MCESTATE.COM> Cc: security@FreeBSD.ORG, JbHunt <johnnyu@accessus.net>, "[Mario1-]" <mario1@PrimeNet.Com> Subject: Re: security hole in FreeBSD Message-ID: <Pine.BSF.3.95q.970728182943.25254F-100000@sasami.jurai.net> In-Reply-To: <Pine.BSF.3.95.970728152741.3844M-100000@mail.MCESTATE.COM>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 28 Jul 1997, Vincent Poy wrote:
> On Mon, 28 Jul 1997, Matthew N. Dodd wrote:
> =)As a general rule I set all suid/sgid system executeables schg and run
> =)with securelevel set to 1 or 2.
^^^^^^^^^^^^^^^^^^^^^^^^^
> =)
> =)Getting rid of any unecessary suid/sgid programs would be good too.
>
> That wouldn't do any good if the user can chflags noschg on the
> binaries you have schg on.
'man init'
/*
Matthew N. Dodd | A memory retaining a love you had for life
winter@jurai.net | As cruel as it seems nothing ever seems to
http://www.jurai.net/~winter | go right - FLA M 3.1:53
*/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95q.970728182943.25254F-100000>