Path: utzoo!mnetor!uunet!husc6!cmcl2!brl-adm!umd5!mimsy!aplcen!osiris!mjr
From: mjr@osiris.UUCP (Marcus J. Ranum)
Newsgroups: comp.unix.wizards
Subject: Re: Remote dumps as root (was Re: Why does "root" worn everything?)
Message-ID: <1568@osiris.UUCP>
Date: 19 Mar 88 01:36:47 GMT
References: <9318@sunybcs.UUCP> <1610@pinney.munsell.UUCP>
Reply-To: mjr@osiris.UUCP (Marcus J. Ranum)
Distribution: na
Organization: Institute For Felinographical Studies
Lines: 23

In article <1610@pinney.munsell.UUCP> pz@pinney.UUCP (Paul Czarnecki) writes:
>
>I asked Sun what to do about this.  (Isn't software support wonderful)
>They just told me to make /etc/dump setuid root, setgid operator.
>None of my backups are done by someone logging in as root.
>
>Was this stupid?

	Gee - I am trying to remember if that is stupid or not: what happens
if Joe Blow then logs in and does a "/etc/dump 0f /vmunix <dumpdev>" or
something like that ??  :-)  Does it also allow anyone to make a copy of
a filesystem, including files that they normally couldn't look at ?? I
don't know if Sun has modified dump, but I'd check it out...  :-)

	Another option would be to have a COPY of dump that was setuid root
executable only by group operator, in a place where only that group (you'd
better HOPE) could execute it.

--mjr();
-- 
------------------------------------------------------------------------------
...ich bin in einem dusenjet ins jahr 53 vor chr...ich lande im antiken Rom...
                     einige gladiatoren spielen scrabble...ich rieche PIZZA...