Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 21 Jul 1997 15:19:33 -0700 (PDT)
From:      Jaye Mathisen  <mrcpu@cdsnet.net>
To:        Terry Lambert <terry@lambert.org>
Cc:        sthaug@nethelp.no, andreas@klemm.gtn.com, hackers@FreeBSD.ORG
Subject:   Re: sendmail complains about being unable to write his pid file
Message-ID:  <Pine.NEB.3.95.970721151455.28740J-100000@mail.cdsnet.net>
In-Reply-To: <199707212106.OAA11898@phaeton.artisoft.com>

next in thread | previous in thread | raw e-mail | index | archive | help

Well, just to throw in my 2 bits, I don't really care who owns it, because
if root is compromised, who gives a flying leap about files being bin.bin,
your system is still open.

So it seems then that the only issue would be if an application ran as
bin, and needed access to files owned by bin.  Which doesn't appear to be
the case here.

So I guess I would want to know why bin.bin makes them more secure, rather
than just leaving it with root ownership...  

Seems like bin implies a false sense of security.

But I could be misunderstanding the whole argument, and will retreat back
into my hole.

On Mon, 21 Jul 1997, Terry Lambert wrote:

> > Certainly - for a corresponding decrease in security. I'd like to have
> > the tighter security be the default. Or at least have it as an option
> > when installing.
> 
> OK, I don't understand why you believe that something being owned by
> root, an account with password access, the password for which is
> succeptible to being cracked, is somehow more secure than ownership
> by bin, an account without password access and therefore *not*
> succeptible to being cracked.
> 
> Can you please explain how root ownership makes something more secure?
> 
> 
> 					Regards,
> 					Terry Lambert
> 					terry@lambert.org
> ---
> Any opinions in this posting are my own and not those of my present
> or previous employers.
> 




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.95.970721151455.28740J-100000>