atom feed200 messages in org.freebsd.freebsd-securityRe: security hole in FreeBSD
FromSent OnAttachments
114 earlier messages
Vincent PoyJul 28, 1997 10:35 pm 
Vincent PoyJul 28, 1997 10:37 pm 
John-David ChildsJul 28, 1997 10:38 pm 
Gary PalmerJul 28, 1997 10:40 pm 
Vincent PoyJul 28, 1997 10:44 pm 
Gary PalmerJul 28, 1997 10:50 pm 
Vincent PoyJul 28, 1997 10:55 pm 
Jordan K. HubbardJul 28, 1997 10:59 pm 
Vincent PoyJul 28, 1997 11:01 pm 
Jordan K. HubbardJul 28, 1997 11:07 pm 
Jordan K. HubbardJul 28, 1997 11:11 pm 
Jordan K. HubbardJul 28, 1997 11:16 pm 
Sergei S. LaskavyJul 29, 1997 12:13 am 
John-David ChildsJul 29, 1997 2:09 am 
NarviJul 29, 1997 2:48 am 
Stephen D. SpencerJul 29, 1997 3:43 am 
Robert WatsonJul 29, 1997 5:32 am 
Adam ShostackJul 29, 1997 5:49 am 
Robert WatsonJul 29, 1997 6:39 am 
Nate WilliamsJul 29, 1997 7:19 am 
Rodney W. GrimesJul 29, 1997 8:58 am 
Warner LoshJul 29, 1997 9:25 am 
Warner LoshJul 29, 1997 9:34 am 
Christopher PetrilliJul 29, 1997 9:52 am 
Jim ShanklandJul 29, 1997 9:57 am 
John DowdalJul 29, 1997 10:50 am 
Poul-Henning KampJul 29, 1997 12:05 pm 
Bill PechterJul 29, 1997 12:29 pm 
Matthew HuntJul 29, 1997 12:37 pm 
Christopher PetrilliJul 29, 1997 12:43 pm 
[Mario1-]Jul 29, 1997 1:07 pm 
Garrett WollmanJul 29, 1997 1:07 pm 
[Mario1-]Jul 29, 1997 1:14 pm 
sth...@nethelp.noJul 29, 1997 1:39 pm 
Jordan K. HubbardJul 29, 1997 2:23 pm 
Vincent PoyJul 29, 1997 2:45 pm 
Vincent PoyJul 29, 1997 2:57 pm 
Vincent PoyJul 29, 1997 3:02 pm 
sth...@nethelp.noJul 29, 1997 3:30 pm 
Rocco LuciaJul 29, 1997 3:33 pm 
Vincent PoyJul 29, 1997 3:44 pm 
Aaron BornsteinJul 29, 1997 3:44 pm 
Vincent PoyJul 29, 1997 3:54 pm 
Vincent PoyJul 29, 1997 4:00 pm 
Jay D. NelsonJul 29, 1997 5:29 pm 
Adam ShostackJul 29, 1997 6:06 pm 
Gary SchrockJul 29, 1997 6:10 pm 
Adam ShostackJul 29, 1997 6:11 pm 
Michael SmithJul 29, 1997 6:54 pm 
Jay D. NelsonJul 29, 1997 7:58 pm 
Jay D. NelsonJul 29, 1997 8:10 pm 
Michael SmithJul 29, 1997 8:25 pm 
Marco MolteniJul 30, 1997 5:04 am 
James SengJul 30, 1997 5:31 am 
Alex G. BulushevJul 30, 1997 5:59 am 
Vincent PoyJul 30, 1997 6:45 am 
Robert WatsonJul 30, 1997 7:03 am 
Nate WilliamsJul 30, 1997 7:48 am 
Vincent PoyJul 30, 1997 7:54 am 
Nate WilliamsJul 30, 1997 8:06 am 
Nate WilliamsJul 30, 1997 8:13 am 
Vincent PoyJul 30, 1997 8:28 am 
Vincent PoyJul 30, 1997 8:33 am 
zoonieJul 30, 1997 9:09 am 
Poul-Henning KampJul 30, 1997 9:25 am 
Poul-Henning KampJul 30, 1997 9:31 am 
John-David ChildsJul 30, 1997 10:17 am 
Ian KallenJul 30, 1997 10:37 am 
Patrick GilbertJul 30, 1997 11:43 am 
Jay D. NelsonJul 30, 1997 1:52 pm 
[Mario1-]Jul 30, 1997 2:06 pm 
Jordan K. HubbardJul 30, 1997 3:53 pm 
Jordan K. HubbardJul 30, 1997 4:04 pm 
yossmanJul 30, 1997 4:20 pm 
Jordan K. HubbardJul 30, 1997 4:24 pm 
Peter KorstenJul 30, 1997 4:43 pm 
Michael SmithJul 30, 1997 8:01 pm 
Cy SchubertJul 30, 1997 9:10 pm 
FreeBSD Technical ReaderJul 30, 1997 11:18 pm 
Marco MolteniJul 31, 1997 5:24 am 
yossmanJul 31, 1997 9:00 am 
Adam ShostackJul 31, 1997 9:19 am 
Marc SlemkoJul 31, 1997 11:23 am 
AndrewAug 1, 1997 10:00 pm 
Dmitry KohmanyukAug 1, 1997 10:32 pm 
Philippe RegnauldAug 2, 1997 1:46 pm 
Subject:Re: security hole in FreeBSD
From:Jay D. Nelson (jd@qiv.com)
Date:Jul 29, 1997 7:58:03 pm
List:org.freebsd.freebsd-security

Your point is well taken. That's why I suggested making it an install option very much like DES. I understand the risks with UUCP and, for the most part, tie it down to control access.

Not all systems or networks are connected to the internet -- in fact, probably less than 50% are connected. In controlled environments, UUCP, rsh and all the traditional tools are quite useful. A knowledgeable Admin knows what needs to be done.

There is no bullet proof system except the one turned off. Why cripple the experienced to protect the inexperienced? The beginners will learn, as we did, as they go along.

-- Jay

On Tue, 29 Jul 1997, Adam Shostack wrote:

-> Let me be clear; I don't have anything against UUCP users, but ->most people don't need it turned on. Since its parts of it are ->setuid, (and thus potential security holes) I think its a reasonable ->to suggest that it ship either not setuid or as an install option. -> -> Yes idiots will hurt themselves. Should we try to make ->FreeBSD reasonably secure? I think so. I think a good metric to use ->is don't install uncommon services by default, require some action to ->turn them on. -> ->Adam -> ->Jay D. Nelson wrote: ->| Sorry -- I guess I'm old fart hold outs. I use uucp and many of my clients ->| use uucp. From what I see, UUCP use is growing even though these machines ->| never show up in the maps. I think uucp will grow even more. ->| ->| Perhaps the best approach, if you really want to take it out of the ->| standard distribution, is to make it an option at install time. Those that ->| don't know what it is won't install it anyway. ->| ->| Idiots will blow their feet of no matter how hard you try to protect them. ->| All you will accomplish, if you take it out of the distribution, is ->| force the idiots to use rm * instead and force me to go to MIT to get ->| and install UUCP. ->| ->| -- Jay ->| ->| On Tue, 29 Jul 1997, Adam Shostack wrote: ->| ->| ->Robert Watson wrote: ->| ->| On Mon, 28 Jul 1997, Adam Shostack wrote: ->| ->| ->| ->| > Vincent Poy wrote: ->| ->| > ->| ->| > su really should be setuid. Everything else is debatable. My ->| ->| > advice is to turn off all setuid bits except those you know you need ->| ->| > (possibly w, who, ps, ping, at, passwd) ->| -> ->| ->| Several mail delivery programs (mail.local, sendmail, uucp-stuff, etc) ->| ->| require root access to delivery to local mailboxes; crontab related
stuff, ->| ->| terminal locking, some kerberos commands, local XWindows servers, and su ->| ->| all rely on suid. ->| -> ->| ->I know no one who still runs uucp. There are a few holdouts, but most ->| ->systems can leave uucp off with no pain. Ditto with kerberos. :) -> ->-- ->"It is seldom that liberty of any kind is lost all at once." -> -Hume -> ->