Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.rmit.EDU.AU!news.unimelb.EDU.AU!munnari.OZ.AU!news.mel.connect.com.au!news.mira.net.au!vic.news.telstra.net!act.news.telstra.net!psgrain!usenet.eel.ufl.edu!arclight.uoregon.edu!news.sprintlink.net!news-stk-200.sprintlink.net!news.mathworks.com!newscaster-1.mcast.net!informatik.uni-bremen.de!cs.tu-berlin.de!uni-erlangen.de!news.tu-chemnitz.de!irz401!orion.sax.de!uriah.heep!news From: j@uriah.heep.sax.de (J Wunsch) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: BSD Security Holes Date: 15 Jun 1996 19:30:49 GMT Organization: Private BSD site, Dresden Lines: 31 Message-ID: <4pv319$84e@uriah.heep.sax.de> References: <4psbbv$j21@mawny.microagewny.com> Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) NNTP-Posting-Host: localhost.heep.sax.de Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Newsreader: knews 0.9.6 X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E anthony@microagewny.com (Endless, Nameless) wrote: > I'm a new BSD user, and want to just right into netowrking and dial-up > networking with my friends. But, my friends have frieds..and so on, > that I don't know and don't neccisarily trust. I want to be safe, and > was wondering about maybe, common mistakes I might make to cause a > hole. A second question has there been any holes with the > passwd/shadow system running on BSD? Any ideas would greatly be > appreciated. Well, if they are your friends (and not bad guys who will go great lengths to break into your system), the regular system should work well. Fiddle with the permissions of files and directories, and with group access as you like it best. If you are paranoid, you can always setup a chroot'ed environment for them, but it's a bit of work, and also costs a considerable amount of disk space. For some good reading, i would recommend Clifford Stoll's ``The Cuckoo's Egg''. It's an entertaining book around computer security, which helped me much to get the feeling about what to do and what to avoid. (And nope, my passwords cannot be found in a dictionary since i've read this book, nor are they written anywhere on paper. :) -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)