Jason Hellenthal wrote:
>
> On Fri, Jun 22, 2012 at 03:43:47PM +0200, Julian H. Stacey wrote:
> > Hi freebsd-security@freebsd.org
> > On an 8.3-RELEASE running sshd, /var/log/auth.log
> > Jun 22 12:54:06 lapr sshd[57505]: Authentication refused:
> > bad ownership or modes for directory /
> > Until I did
> > chown 0:0 /
> > ( It was previously
> > drwxr-xr-x 25 bin bin 1024 Jun 20 19:53 ./
> > )
> > The chown is consistent with all of 8.3 /bin also being root & not bin,
> >
> > BUT
> >
> > Over use of Root seems Bad.
> > Our ownership scheme has degraded compared to early 1980s Unix, where
> > most bin & lib files & dirs were owned by bin, except for
> > - a few SUID bins that Needed root
> > - occasional administrator droppings,
> > temporary accidental files that glared at the eyeball,
> > as root, cos near all else was just bin.
> >
> > IMO very little in a system should be user root.
> >
> > Apologies, but to guide replies :
> > (after threads burnt by a troll on another list)
> > I'd not appreciate replies just along the lines of
> > "It has to be to satisfy existing software".
> > I'd much rather receive replies along lines of
> > "What would be best ownership scheme, advantages &
> > disadvantages + should we change anything ?"
> >
>
> What are you currently using this in that is the cause of the problem ?
>
> Is this a jail, physical system, VM ...
Physical.
> It is not really clear why you would want to change the permissions of
> root:wheel of / on any of these.
To Increase security.
More visual prompting of when juniot admins blunder& cerate
junk as root
A SUID with bin has less power than a SUID with uid=root
Currently every binary in the system is one bit away from the jackpot,
SUID root, why not convert most binaries to uid=bin, thenmost binaries
are 2 bits away from jackpot, more safety in event of a blunder too.
> root is the owner of the system ... it
Only because it currently is, & you'r used to it ;-)
Remember back a few decades, Think more deeply, Why do you think it
_needs_ to be ? Unix didnt used to Want that, it was usualy a blunder when
it occured.
look at /etc/passwd
root: entry has the shell,
bin: entry is more limited, just has /sbin/nologin
The question is WHY did FreeBSD switch to promote everything to root ?
That it did so Way back proves nothing,
Cos further back Unix was bin.
It used to be a junior admin blunder to make everything root ;-)
IMO it still smells suspiciously like it.
I'd like to derate most binaries to have less privelige - bin not root.
> is pretty much a standard if not already that root owns everything so I
> am not really following why.
>
> openssh in itself... I am glad it does this. If a system has been
> compromised by changing owner:group of / then it denies access to the
> whole system. This is a security benefit.
>
> Security principles are well laid out and have not changed in a long
> time. Vering away from those principles will cause a LOT of
> administrative overhead as most software out there can expect a sane
> environment if / is root:wheel
Why FreeBSD needs everything root is beyond me, reduces security a bit IMO.
Sure FreeBSD currently wants everything root, but want != need.
Cheers,
Julian
--
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
Reply below not above, cumulative like a play script, & indent with "> ".
Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable.
Mail from @yahoo dumped @berklix. http://berklix.org/yahoo/
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
