Path: utzoo!mnetor!uunet!lll-winken!lll-lcc!ames!ll-xn!adelie!munsell!pz
From: pz@munsell.UUCP (Paul Czarnecki)
Newsgroups: comp.unix.wizards
Subject: Re: Remote dumps as root (was Re: Why does "root" worn everything?)
Message-ID: <1615@pinney.munsell.UUCP>
Date: 22 Mar 88 23:56:55 GMT
References: <5209@uwmcsd1.UUCP> <9269@sunybcs.UUCP> <7454@brl-smoke.ARPA> <9926@steinmetz.steinmetz.UUCP> <9318@sunybcs.UUCP> <1610@pinney.munsell.UUCP> <2463@umd5.umd.edu>
Reply-To: pz@pinney.UUCP (Paul Czarnecki)
Distribution: na
Organization: Eikonix Corp., Bedford, MA
Lines: 25

In article <2463@umd5.umd.edu> louie@trantor.umd.edu (Louis A. Mamakos) writes:
>In article <1610@pinney.munsell.UUCP> pz@pinney.UUCP (Paul Czarnecki) writes:
>>They [Sun] just told me to make /etc/dump setuid root, setgid operator.
>>None of my backups are done by someone logging in as root.
>>Was this stupid?
>
>I think so.  What's to stop Joe User from doing something like:
>
>	dump 0f /dev/rra0c - | restore xf - ./path/secret-file

This shouldn't happen.

root@munsell #85 ls -lg /etc/dump
-rwsr-s---  1 root     operator    90112 Sep 15  1986 /etc/dump

There is no 'x' bit for normal users.  You must be in the group
"operator" to run this (or root).

After seeing the volume of responses on this I wish I had included the
'ls' output in my original posting.

					pZ

-- 
		       Paul Czarnecki -- Spam, spam, spam, Usenet, and spam
	{{harvard,ll-xn}!adelie,{decvax,allegra,talcott}!encore}!munsell!pz