Bugtraq mailing list archives
Re: permissions
From: dan () pasteur fr (Daniel Azuelos)
Date: Tue, 17 May 1994 20:10:17 +0200 (MET DST)
Talking of standard fprobihitilssions at the file-system level: | > / rw,nosuid | > /usr ro | > /var rw,nosuid | > /home rw,nosuid | > /tmp rw,nosuid | > /usr/local ro | | excellent thinking. Does anyone have any problems with this philosophy? | I noticed some systems around here with /sbin/su and /sbin/sulogin. | These would be disabled if the above conditions were met. | Is this a problem? Anything else break? I'm personnally using this strategy since SunOS 3.5.2. I've been using it for nearly 5 years now, without any problem. I've never tried to install anything under /usr, for example, in place of the standard /usr/local, I'd advise to use a /local. With this method, tempering with standard binaries or installing a setuid file couldn't be done without rebooting the system. And long before Sun gave that possibility at the PROM level, there are easy methods to make any reboot of a system very hard, even to someone having a physical access to the keyboard. -- dan ``Et pourtant ga tourne....''
Current thread:
- Re: permissions Bruce Barnett (May 17)
- Re: permissions Casper Dik (May 17)
- Re: permissions Howard the Energizer (May 17)
- Re: permissions Perry E. Metzger (May 17)
- Re: permissions Howard the Energizer (May 17)
- Re: permissions Bruce Gingery (May 17)
- Re: permissions Perry E. Metzger (May 17)
- Re: permissions Daniel Azuelos (May 17)
- Re: permissions rik.harris () vifp monash edu au (May 18)
- bin ownership problem Brian Parent (May 18)
- Re: bin ownership problem jmc () gnu ai mit edu (May 18)
- Re: bin ownership problem Casper Dik (May 19)
- Re: bin ownership problem Perry E. Metzger (May 19)
- Re: bin ownership problem Bruce Gingery (May 19)
- <Possible follow-ups>
- Re: permissions Evil Pete (May 17)
- Re: Re: permissions Pete Hartman (May 17)
- Re: permissions Brad Powell - Sun CIS (May 18)