Re: options SUIDDIR

From: Andy (seahorse51@attbi.com)
Date: 09/21/02


Date: Fri, 20 Sep 2002 16:51:39 -0600
To: "Jack L. Stone" <jackstone@sage-one.net>, freebsd-questions@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
From: Andy <seahorse51@attbi.com>

At 16:33 09/20/2002, Jack L. Stone wrote:
>At 04:00 PM 9.19.2002 -0600, Andy wrote:
> >I have been researching the use of "options SUIDDIR" in the kernel. I have
> >noted several warnings about the use of this option being a security issue,
> >but I have as of yet to read or see any explanation as to what kind of
> >security issue its use represents.
> >
> >Any assistance in an explanation concerning this would be very much
> >appreciated.
> >
> >Andy
> >
> >
>
>I have this in my kernel from when I used the base system FTP server, but
>since switching to ProFTP, I have not seen a use for it and was planning to
>remove on next compile of the kernel.....
>
>What uses do you have in mind? Maybe I'll leave it in if really useful for
>some other app.
>
>Best regards,
>Jack L. Stone,
>Administrator

I would like to be able to use it to ensure that file ownerships are
correct in user home directories. Most files that are created via scripts
and the web server take on the ownership of whatever the Web server is
being run as. This makes it difficult for someone to remove them if they
so desire.

The only warnings I have seen indicate that it is a security risk in the
event that shell access is permitted on servers that use the SUIDDIR
option. I have not as of yet been able to discover what kind of security
risk this represents and/or how it can be exploited.

As with anything, one can not make an educated decision without having all
of the facts or details concerning the issue in question.

Andy
