Sorry for disturbing you. This was for security mailing list and I sent it here by mistake
Cheers, Peter Rosa ----- Original Message ----- From: "Peter Rosa" <[EMAIL PROTECTED]> To: "FreeBSD Questions" <[EMAIL PROTECTED]> Sent: Saturday, July 26, 2003 7:11 PM Subject: suid bit files and securing FreeBSD > Hello everybody, > > I'm a newbie in this list, so I don't know if it's the appropriate place > for my question. Anyway, I'd be happy to find out the solution. > > Please, has anyone simple answer for: > > I'm looking for an exact list of files, which: > 1. MUST have... > 2. HAVE FROM BSD INSTALLATION... > 3. DO NOT NEED... > 4. NEVER MAY... > ...the suid-bit set. > > Of course, it's no problem to find-out which files ALREADY HAS > suid-bit set. But what files REALLY MUST have it ? > I know generalities, as e.g. shell should never have suid bit set, > but what if someone has copied any shell to some other location > and have set the suid bit ? It's security hole, isn't it ? > And what if I have more such files on my machine ? > It is not about my machine has been compromited, it is only WHAT IF... > > -------------------------------------------- > > Second question is: Has anybody an exact wizard, how to secure > the FreeBSD machine. Imagine the situation, the only person who > can do anything on that machine is me, and nobody other. I have > set very restrictive firewalling, I have removed ALL tty's except > two local tty's (I need to work on that machine), but there are > still open port 25 and 53 (must be forever), so someone very > tricky can compromite my machine. > > I'm a little bit paranoic, don't I :-))))))) > > Cheers, > > Peter Rosa > > _______________________________________________ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"