Full Disclosure mailing list archives
Re: Partial Solution to SUID Problems
From: Ciro <domino () asgardnet org>
Date: Fri, 5 Dec 2003 04:41:00 -0500 (EST)
On Thu, 4 Dec 2003, Gino Thomas wrote:
I asked some ppl the same question, answers vary. On one hand some ppl trust the suids and claim that messing up with them will open new problems and that there are also many other ways to get root (kernel, libc, daemons,...) on the other hand ppl agreed with me that if i don't need uucp, why should it be on my box anyway (and that suid or sgid). As said, i disabled all suids except 'su', so a user can't use 'netstat', 'ping' or even 'man' anymore, but i do not want that on a bastion host anyway, eh? Mounting whats left on a separate partition seems to be as logical as doing that for /home, /tmp,... I would like to see a detailed discussion about this, too.
The thing that screams "bad idea" or at least "inconvienient pain in the neck" to me is that, on the off chance that a wide-spread exploit is found and you have to "make world" or whatever, it puts them right back and you have to do it again. Of course, I'm a perl scripter, so by definition I'm lazy[0] ;) -C [0]Larry Wall said it, not me. <g> "Why would burgulars need to look for a backdoor when they can climb in through Windows?" --Norman L DeForest, in NANAE "You know how dumb the average luser is? Well, half of 'em are dumber than that" -- The Roadie, in NANAE _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Partial Solution to SUID Problems Todd Burroughs (Dec 04)
- Re: Partial Solution to SUID Problems Gino Thomas (Dec 04)
- new dos attack? Geo. (Dec 04)
- Re: new dos attack? Jonathan A. Zdziarski (Dec 04)
- Re: Partial Solution to SUID Problems Ciro (Dec 05)
- Re: Partial Solution to SUID Problems Vladimir Parkhaev (Dec 05)
- Re: Partial Solution to SUID Problems Todd Burroughs (Dec 06)
- Re: Partial Solution to SUID Problems Henning Brauer (Dec 06)
- Re: Partial Solution to SUID Problems Todd Burroughs (Dec 06)
- Re: Partial Solution to SUID Problems Michal Zalewski (Dec 06)
- Re: Partial Solution to SUID Problems Valdis . Kletnieks (Dec 06)
- Re: Partial Solution to SUID Problems Todd Burroughs (Dec 07)
- Re: Partial Solution to SUID Problems Karl DeBisschop (Dec 07)
- Re: Partial Solution to SUID Problems Michal Zalewski (Dec 07)
- Re: Partial Solution to SUID Problems Valdis . Kletnieks (Dec 06)
- new dos attack? Geo. (Dec 04)
- Re: Partial Solution to SUID Problems Gino Thomas (Dec 04)