Should standard binaries & directories revert from uid=root to bin ?

Adrian Chadd adrian at freebsd.org
Fri Mar 30 18:57:30 UTC 2012


hi,

because id=0 defaults to being squashed via nfs. But if you have a
filesystem full of uid=bin/gid=bin binaries, a slightly insecure NFS
setup would allow NFS clients to simply set their uid=bin and change
these binaries. :-)


Adrian

On 30 March 2012 08:16, Julian H. Stacey <jhs at berklix.com> wrote:
> Hi arch@
> Time was, (& I can go back over 25 years here, but more recently too :-)
> When standard Unix non SUID executables such as wc would be UID=bin,
> GID=bin, & not root.  Ditto bin/ & lib/ etc directories.
>
> One advantage was:
>  Anything that showed up with ls -l as UID=0 was either a SUID
>  special, known to the admin's eye, or some administrative dropping,
>  mistakenly created by someone logged in as root, to be reviewed/
>  regenerated/ deleted.
>
> Now all is UID=0.  Why ? What advantage did it bring ?
>
> Obviously some SUID & SGID executables need 0 (some could need just bin!)
> but most files & directories do not need UID 0.
>
> BTW, How I noticed this :
>  I was tracing why
>        /usr/sbin/sshd -d -d -d -D
>  was erroring:
>        debug3: secure_filename: checking '/.amd_mnt/sshd_host/ad4s1/usr1/home'
>        Authentication refused: bad ownership or modes for directory
>                 /.amd_mnt/sshd_host/ad4s1/usr1/home
>  just because my ~/.ssh was symbolically linked via AMD+NFS mounted on another
>  host, & there an intermediate directory was owned by bin & not root,
>        ls -la /host/sshd_host/ad4s1/usr1/home
>                drwxr-xr-x  18 bin     bin       512 Mar  6 11:56 ./
>  so I had to
>        chown root:wheel /ad4s1/usr1/home
>  Just to satisfy sshd being pointlessly strict, as directory was 755.
>
> So we have sshd that's pointlessly strict, & ownerships that seem
> to have near all lost their precision. A funny combo ;-)
>
> Might others tackle the generic overuse of root ?
> If so I could create a patch to send-pr ssh  ?
> (but as ssh is an import, maybe just report & not [yet?] patch ?)
>
> Cheers,
> Julian
> --
> Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
>  Reply below not above, cumulative like a play script, & indent with "> ".
>  Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable.
>        Mail from @yahoo dumped @berklix.  http://berklix.org/yahoo/
> _______________________________________________
> freebsd-arch at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-arch
> To unsubscribe, send any mail to "freebsd-arch-unsubscribe at freebsd.org"
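
Added example, not part of either message and not OpenSSH's code: a simplified Python model of the owner-and-mode walk that the quoted sshd debug output reports failing, usable to find bin-owned or writable directories in a path chain before sshd refuses them. The uids, paths and the `sample_stat` table are constructed, and trusting only uid 0 besides the user is an assumption made here.

```python
import os
from pathlib import PurePosixPath
from types import SimpleNamespace


def audit_path_chain(path, uid, stop_at=None, stat_fn=os.stat, trusted_uids=(0,)):
    """Walk from path up to stop_at (or /) and report every component that is
    owned by someone other than uid or a trusted uid, or is group/world
    writable. Returns [(component, reason)]; an empty list means it passes."""
    findings = []
    current = PurePosixPath(path)
    while True:
        st = stat_fn(str(current))
        if st.st_uid != uid and st.st_uid not in trusted_uids:
            findings.append((str(current), f"owner uid {st.st_uid}"))
        if st.st_mode & 0o022:
            findings.append((str(current), "group/world writable"))
        # Stop after checking the stop directory, or once "/" has been checked.
        if str(current) == stop_at or current == current.parent:
            break
        current = current.parent
    return findings


# Constructed sample tree (not from the thread): uid 1001 is the user and
# uid 3 stands in for "bin".
SAMPLE = {
    "/": (0, 0o040755),
    "/export": (0, 0o040755),
    "/export/home": (3, 0o040755),        # bin-owned, mode 755, as in the post
    "/export/home/alice": (1001, 0o040755),
    "/export/home/alice/.ssh": (1001, 0o040700),
    "/export/scratch": (0, 0o041777),     # world-writable, for contrast
}


def sample_stat(p):
    """Stand-in for os.stat that reads the constructed table above."""
    uid, mode = SAMPLE[p]
    return SimpleNamespace(st_uid=uid, st_mode=mode)


if __name__ == "__main__":
    for target in ("/export/home/alice/.ssh", "/export/scratch"):
        print(target, audit_path_chain(target, 1001, stat_fn=sample_stat))
```

Run against a real tree by dropping the `stat_fn` argument; passing `trusted_uids=(0, 3)` shows what the chain would look like if bin were treated as a system owner.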

