Subject: Re: changing default user from bin:bin to root:wheel
To: None <perry@piermont.com>
From: Jim Bernard <jbernard@tater.mines.edu>
List: tech-security
Date: 02/20/1998 17:36:10
On 2 19, Perry E. Metzger wrote:
> 
> 1) The files do not have "privileges" if they are not suid or sgid.
> 2) the issue is NFS semantics. NFS does no permissions checking -- the
>    only defense one has against ugly nfs evil is the nobody/nogroup
>    translation that happens to accesses by user/group 0. Stuff owned
>    by root:wheel can't be touched over NFS, which is what we want. As

  So what do we do about files that _are_ suid (or sgid) and not to root:wheel,
for example, /usr/libexec/uucp/uucico?  It seems like the only solutions are
(a) never to export system-related filesystems read/write or (b) to map all
uids and gids on exported system-related filesystems to nobody/nogroup.  If
either of those is done, it seems like it doesn't matter who owns the files,
at least from the standpoint of NFS security.  If neither of those is done,
somebody will compromise your uucico (and others) regardless of who owns
/bin/ls (e.g.)