suid bit files and securing FreeBSD
Peter Rosa
prosa at pro.sk
Sat Jul 26 10:19:55 PDT 2003
Sorry for disturbing you. This was for the security mailing list and I sent it
here by mistake.
Cheers,
Peter Rosa
----- Original Message -----
From: "Peter Rosa" <prosa at pro.sk>
To: "FreeBSD Questions" <freebsd-questions at freebsd.org>
Sent: Saturday, July 26, 2003 7:11 PM
Subject: suid bit files and securing FreeBSD
> Hello everybody,
>
> I'm a newbie in this list, so I don't know if it's the appropriate place
> for my question. Anyway, I'd be happy to find out the solution.
>
> Please, does anyone have a simple answer for:
>
> I'm looking for an exact list of files, which:
> 1. MUST have...
> 2. HAVE FROM BSD INSTALLATION...
> 3. DO NOT NEED...
> 4. NEVER MAY...
> ...the suid-bit set.
>
> Of course, it's no problem to find out which files ALREADY HAVE the
> suid-bit set. But what files REALLY MUST have it?
> I know generalities, e.g. a shell should never have the suid bit set,
> but what if someone has copied a shell to some other location
> and has set the suid bit? It's a security hole, isn't it?
> And what if I have more such files on my machine?
> It is not that my machine has been compromised, it is only WHAT IF...
>
> --------------------------------------------
>
> Second question is: Does anybody have an exact wizard for how to secure
> the FreeBSD machine? Imagine the situation: the only person who
> can do anything on that machine is me, and nobody else. I have
> set very restrictive firewalling, I have removed ALL tty's except
> two local tty's (I need to work on that machine), but ports 25 and 53
> are still open (must be forever), so someone very
> tricky can compromise my machine.
>
> I'm a little bit paranoid, aren't I :-)))))))
>
> Cheers,
>
> Peter Rosa