> > > That would not be a logical step. Right now programs such as rlogin, ssh,
> > > NFS etc make sure that you cannot login as root or that root rights
> > > get smashed. If your box is cracked somehow, it often is the case that
> > > people can get any userid they like _except_ root. If the system binaries
> > > are owned by a non-root uid, that will lower security quite significantly.
> >
> > On Sat, Sep 23, 2000 at 01:07:18AM -0300, Nicolás Lichtmaier wrote:
> > Why can't those programs be enhanced to protect the `bin' user?
>
> For the most part, they can protect an arbitrary set of users, if
> configured properly.
>
> However, if bin owns binaries which are run by root, you've just made it
> so that cracking bin is equivalent to cracking root. Simple example:
> let's say that bin owns /bin/sh. So you replace /bin/sh and wait for
> the next time root runs a shell script.
>
> Increasing security isn't a matter of making random changes to the system.

Your point is so obvious. duh... how did I miss that? Of course that cracking bin would be like cracking root...!

> > Anyway, all those protections were designed with the traditional
> > security scheme in mind. So yes, this is a real problem, and these
> > utilities should be changed.
> >
> > Sooner or later we'll need to address all this. I can't see why don't
> > we start now.
>
> How about figuring out what you're talking about, first?

All right, I drop the case.
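
An audit for the condition discussed in this thread, added here as an example and not part of the original messages: it reports every entry in a set of executable directories that an account other than root could replace. The function name `audit_exec_dirs` is hypothetical, and treating uid 0 as the only trusted owner is an assumption.

```python
import os
import stat

def audit_exec_dirs(dirs, trusted_uids=frozenset({0})):
    """Return (path, reason) pairs for anything in `dirs` that a uid outside
    `trusted_uids` could replace before root executes it."""
    findings = []
    for d in dirs:
        try:
            names = sorted(os.listdir(d))
        except OSError as exc:
            findings.append((d, f"cannot list: {exc.strerror}"))
            continue
        # Check the directory first: write access to it allows swapping any
        # entry, whatever the ownership of the files inside.
        for path in [d] + [os.path.join(d, n) for n in names]:
            try:
                st = os.stat(path)  # follows symlinks to the file actually run
            except OSError as exc:
                findings.append((path, f"cannot stat: {exc.strerror}"))
                continue
            if st.st_uid not in trusted_uids:
                findings.append((path, f"owned by uid {st.st_uid}"))
            if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
                findings.append((path, "group- or world-writable"))
    return findings

if __name__ == "__main__":
    # Assumption: the directories of interest are those on the current PATH.
    path_dirs = [p for p in os.environ.get("PATH", "").split(os.pathsep) if p]
    for path, reason in audit_exec_dirs(path_dirs):
        print(f"{path}: {reason}")
```

Run it as root with root's own PATH; a `/bin/sh` owned by `bin` would appear as an "owned by uid" finding.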