On Mon, Oct 16, 2017 at 02:05:05PM -0400, Jean-Louis Martineau wrote:
> On 16/10/17 01:48 PM, Jon LaBadie wrote:
> > On Mon, Oct 16, 2017 at 08:12:43AM -0400, Jean-Louis Martineau wrote:
> >> On 14/10/17 12:12 PM, Jose M Calhariz wrote:
> >>> On Sat, Oct 14, 2017 at 11:36:09AM -0400, Jean-Louis Martineau wrote:
> >>>> On 14/10/17 11:14 AM, Jose M Calhariz wrote:
> >>>>> -rwsr-xr-- 1 root backup 10232 Oct 13 17:23 ambind
> >>>> ambind must not be readable by all
> >>>>
> >>>> -rwsr-x--- 1 root backup 10232 Oct 13 17:23 ambind
> >>> Thank you for the quick reply. May I ask why "ambind must not be
> >>> readable by all"?
> >> All suid programs in amanda are always installed like this.
> >>
> > Why are all amanda suid programs installed this way?
> It's before I was born, maybe not, but before I started to work on the
> amanda software.
> It's kind of security by hiding, it's harder to find a vulnerability in
> the suid binary if you can't read it.

I guessed it was security by obscurity.

> It makes sense when you build yourself, but not when doing a package
> where everyone can read the files in the package.

For the same reason I felt that would be "false" security.

> The group probably does not read the 'r' bit either.
>
> Do you think amcheck should not check if the suid binaries are readable
> by all?

My gut reaction is such a check is superfluous.
But I'm not a security expert.
Do we have any security specialist (or others) on the list who would
care to comment?

Does amcheck do any checks for amanda programs that are [sg]uid that
should not be?

Jon
-- 
Jon H. LaBadie                 j...@jgcomp.com
11226 South Shore Rd.          (703) 787-0688 (H)
Reston, VA  20190              (703) 935-6720 (C)
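The two checks the thread talks past each other on (is a setuid binary readable by "other", and is a binary setuid/setgid that should not be) are easy to express as one audit. The script below is an added illustration, not amanda's own amcheck code: it walks a directory, lists every setuid/setgid file, and classifies each as `ok` (4750-style, no world bits), `worldread` (the condition amcheck complained about for ambind), `worldwrite` (always a defect for a privileged binary), or `unexpected` (setuid/setgid but absent from an optional allow list of basenames). The directory, the allow-list file format and the function names are this example's assumptions; only POSIX `find`, `sort`, `grep` and `awk` are used.

```shell
#!/bin/sh
# Added example, not part of amanda or amcheck.
#
# audit_suid_dir DIR [ALLOWFILE]
#   Prints "<status> <path>" for every setuid/setgid regular file under DIR.
#   ALLOWFILE (assumed format, optional): one expected basename per line.
#   Severity order: worldwrite > unexpected > worldread > ok.
audit_suid_dir() {
    dir=$1
    allow=${2:-}
    # -perm -4000: setuid bit set; -perm -2000: setgid bit set (octal is POSIX)
    find "$dir" -type f \( -perm -4000 -o -perm -2000 \) | sort |
    while IFS= read -r f; do
        if find "$f" -perm -0002 | grep -q .; then
            status=worldwrite            # o+w on a privileged binary
        elif [ -n "$allow" ] && ! grep -qx "$(basename "$f")" "$allow"; then
            status=unexpected            # privileged bit on a file not in the allow list
        elif find "$f" -perm -0004 | grep -q .; then
            status=worldread             # o+r: the "readable by all" case from the thread
        else
            status=ok                    # e.g. -rwsr-x--- root:backup
        fi
        printf '%s %s\n' "$status" "$f"
    done
}

# count_suid_problems DIR [ALLOWFILE]
#   Prints the number of non-ok findings (0 when the tree is clean).
count_suid_problems() {
    audit_suid_dir "$@" | awk '$1 != "ok" { n++ } END { print n + 0 }'
}

# Usage when run directly, e.g. ./suidaudit.sh /usr/libexec/amanda allow.txt
# (path is an assumption; adjust to where the amanda binaries are installed).
if [ "$#" -gt 0 ]; then
    audit_suid_dir "$1" "${2:-}"
fi
```

Note that a world-readable setuid binary in a distribution package is exactly what the thread calls "false" security: the same bytes are available to anyone who downloads the package, so the `worldread` finding is informational on packaged installs, while `worldwrite` and `unexpected` are the findings worth acting on.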