*BSD News Article 71049



Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.rmit.EDU.AU!news.unimelb.EDU.AU!munnari.OZ.AU!news.mel.connect.com.au!news.mira.net.au!vic.news.telstra.net!act.news.telstra.net!psgrain!usenet.eel.ufl.edu!arclight.uoregon.edu!news.sprintlink.net!news-stk-200.sprintlink.net!news.mathworks.com!newscaster-1.mcast.net!informatik.uni-bremen.de!cs.tu-berlin.de!uni-erlangen.de!news.tu-chemnitz.de!irz401!orion.sax.de!uriah.heep!news
From: j@uriah.heep.sax.de (J Wunsch)
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Re: BSD Security Holes
Date: 15 Jun 1996 19:30:49 GMT
Organization: Private BSD site, Dresden
Lines: 31
Message-ID: <4pv319$84e@uriah.heep.sax.de>
References: <4psbbv$j21@mawny.microagewny.com>
Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch)
NNTP-Posting-Host: localhost.heep.sax.de
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
X-Newsreader: knews 0.9.6
X-Phone: +49-351-2012 669
X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F  93 21 E0 7D F9 12 D6 4E

anthony@microagewny.com (Endless, Nameless) wrote:

> I'm a new BSD user, and want to jump right into networking and dial-up
> networking with my friends.  But, my friends have friends..and so on,
> that I don't know and don't necessarily trust.  I want to be safe, and
> was wondering about maybe, common mistakes I might make to cause a
> hole.  A second question: have there been any holes with the
> passwd/shadow system running on BSD? Any ideas would greatly be
> appreciated.

Well, if they are your friends (and not bad guys who will go to great
lengths to break into your system), the regular system should work
well.  Fiddle with the permissions of files and directories, and with
group access as you like it best.

If you are paranoid, you can always set up a chroot'ed environment for
them, but it's a bit of work, and also costs a considerable amount of
disk space.

For some good reading, I would recommend Clifford Stoll's ``The
Cuckoo's Egg''.  It's an entertaining book around computer security,
which helped me much to get the feeling about what to do and what to
avoid.  (And nope, my passwords cannot be found in a dictionary since
I've read this book, nor are they written anywhere on paper. :)

-- 
cheers, J"org

joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE
Never trust an operating system you don't have sources for. ;-)