Subject: Re: NetBSD 1.5.2 default configuration
To: Manuel Bouyer <bouyer@antioche.eu.org>
From: Wojciech Bojdol <wojboj@htcon.pl>
List: tech-security
Date: 02/03/2002 10:57:16
On Sat, Feb 02, 2002 at 07:01:08PM +0100, Manuel Bouyer wrote:
> As it runs with no port open, it's not that much of a problem.

But it could be when we open ports like ssh.

> > For example:
> > 
> > /bin/df is sgid operator - yet appears to operate fine without this.
> 
> This is so that you can run df on an unmounted filesystem

But only administrator or operator should do that.
I think it's better to make a special group for that and (as it would be run
manually) make one df without suid and another with suid.
The second one will have perms r-sr-x---, and will be in group operator.

> > /sbin/{r,}dump{,_lfs} are sgid tty - this again (to me) doesn't seem
> > necessary.
> This is for 'dump -n' to work.

Dump is another program that should be used only by people in group
operator.

> > /usr/sbin/pppd,
> 
> You don't have to be root to run pppd.

But you can be in group ppp if you have to.

I know that we can have a fully-functional system or a secure system, and I'm
working on a small script that could make NetBSD more secure
but will take away some functionality.
When you want to have a secure system, you only have to run that script and
perms for many files will be changed.
The first version of that script can be found at
http://www.htcon.pl/~wojboj/securesystem

-- 
Wojciech Bojdoł
High-Tech Consulting
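An added example, not the securesystem script the message links to and not NetBSD's own tooling: a POSIX sh audit that lists setuid/setgid regular files under the given directories and checks selected files against an expected `ls -l` mode string and group, in the spirit of the "unprivileged df plus an operator-only setuid df" proposal above. The policy lines and the path /sbin/df.operator are constructed for illustration.

```shell
#!/bin/sh
# Added example (not the securesystem script from the message, not NetBSD code):
# audit setuid/setgid files and check selected files against a mode/group
# policy. Relies only on POSIX find, ls, awk and sh.

# Print the `ls -ld` line of every setuid or setgid regular file under the
# directories given as arguments. Unreadable directories are skipped quietly.
list_privileged() {
    find "$@" -type f \( -perm -4000 -o -perm -2000 \) -exec ls -ld {} + 2>/dev/null
}

# check_policy FILE MODE GROUP
# Return 0 when FILE's mode string (as `ls -l` prints it, e.g. "-r-sr-x---")
# and group both match; otherwise print the mismatch on stderr and return 1.
# Assumes FILE contains no whitespace (the ls line is word-split).
check_policy() {
    file=$1
    want_mode=$2
    want_group=$3
    set -- $(ls -ld "$file")
    have_mode=${1%[+.@]}    # drop the ACL/SELinux/xattr marker some ls variants append
    have_group=$4
    if [ "$have_mode" = "$want_mode" ] && [ "$have_group" = "$want_group" ]; then
        return 0
    fi
    printf 'MISMATCH %s: have %s %s, want %s %s\n' \
        "$file" "$have_mode" "$have_group" "$want_mode" "$want_group" >&2
    return 1
}

# audit_policies < POLICY
# Read "path mode group" lines from stdin (blank lines and '#' comments are
# ignored), check each with check_policy, report files that do not exist, and
# print the number of deviations found on stdout.
audit_policies() {
    mismatches=0
    while read -r path mode group; do
        case $path in ''|'#'*) continue ;; esac
        if [ ! -e "$path" ]; then
            printf 'MISSING %s\n' "$path" >&2
            mismatches=$((mismatches + 1))
            continue
        fi
        check_policy "$path" "$mode" "$group" || mismatches=$((mismatches + 1))
    done
    echo "$mismatches"
}

# Constructed policy reflecting the proposal in the message: an unprivileged df
# for everyone and a setuid copy that only group operator may execute.
# The path /sbin/df.operator is hypothetical.
EXAMPLE_POLICY='
# path              mode         group
/bin/df             -r-xr-xr-x   wheel
/sbin/df.operator   -r-sr-x---   operator
'

# Usage: sh audit.sh /bin /sbin /usr/bin /usr/sbin
# Lists privileged binaries in those trees, then audits the example policy.
if [ $# -gt 0 ]; then
    list_privileged "$@"
    n=$(printf '%s\n' "$EXAMPLE_POLICY" | audit_policies)
    echo "policy deviations: $n"
fi
```

Running it with a few system directories gives a baseline of every setuid/setgid binary; diffing that output over time, and keeping the policy file under version control, turns the one-off permission script into a repeatable check.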