/ owned by bin causes sshd to complain bad ownership

Scott Lambert lambert at lambertfam.org
Fri Jun 22 23:28:34 UTC 2012 

On Fri, Jun 22, 2012 at 07:15:25PM +0200, Julian H. Stacey wrote:
> Jason Hellenthal wrote:
> > 
> > On Fri, Jun 22, 2012 at 03:43:47PM +0200, Julian H. Stacey wrote:
> > > Over use of Root seems Bad. 
> > > Our ownership scheme has degraded compared to early 1980s Unix, where
> > > 	most bin & lib files & dirs were owned by bin, except for
> > > 		- a few SUID bins that Needed root
> > > 		- occasional administrator droppings,
> > > 		  temporary accidental files that glared at the eyeball,
> > > 		  as root, cos near all else was just bin.
> > > 
> > > IMO very little in a system should be user root.
> > > 
> > > Apologies, but to guide replies :
> > > 	(after threads burnt by a troll on another list)
> > > 	I'd not appreciate replies just along the lines of
> > > 		 "It has to be to satisfy existing software". 
> > > 	I'd much rather receive replies along lines of 
> > > 		"What would be best ownership scheme, advantages &
> > > 		 disadvantages + should we change anything ?"
> > > 
> > 
> > It is not really clear why you would want to change the permissions of
> > root:wheel of / on any of these. 
> 
> To Increase security.
> 	More visual prompting of when juniot admins blunder& cerate
> 	junk as root
> 	A SUID with bin has less power than a SUID with uid=root
> 	Currently every binary in the system is one bit away from the jackpot,
> 	SUID root, why not convert most binaries to uid=bin, thenmost binaries
> 	are 2 bits away from jackpot, more safety in event of a blunder too.
> 
> > root is the owner of the system ... it
> 
> Only because it currently is, & you'r used to it ;-)
> Remember back a few decades, Think more deeply, Why do you think it
> _needs_ to be ? Unix didnt used to Want that, it was usualy  a blunder when
> it occured.
> 
> 	look at /etc/passwd
> 		root: entry has the shell,
> 		bin: entry is more limited, just has /sbin/nologin

Would not a 0:0 / (or all system directory entries) help limit the
damage possible if a junior admin sets suid on a random, possibly
bogus, bin:bin binary?
 
-- 
Scott Lambert                    KC5MLE                       Unix SysAdmin
lambert at lambertfam.org

More information about the freebsd-security mailing list