Re: Bad Advise
David Lawrence Oppenheimer (davido@phoenix.Princeton.EDU), Tue, 26 Jul 1994 19:12:02 -0400 (EDT)
- Next message: Sam Hartman: "Re: Bad Advise"
- Previous message: jim@Tadpole.COM: "Re: Bad Advise"
- In reply to: G.J.W. Hagenaars: "Re: Bad Advise"
- Next in thread: Evil Pete: "Re: Bad Advise"
On Tue, 26 Jul 1994, G.J.W. Hagenaars wrote:
> Christopher W. Klaus wrote:
>
> % Here is some advice from Sun that I highly recommend you DO NOT DO.
> %
> % Make the home directory owned by ``ftp'' and unwritable
> % by anyone.
> %
> % I highly recommend you change that to owned by ``root''.
>
> I was thinking about ownership of the whole ftp-tree by user `nobody'. Are
> there any benefits to using `root' instead of `nobody'?
Egad, this is far worse than using owner root. Among other things,
'nobody' is used as the userid on the server side of finger (assuming you
have your fingerd service in /etc/inetd.conf defined to run as user
nobody, which is the secure thing to do) and of NFS (when a request comes
from an unknown user, or from somebody trying to NFS mount a server as
root and this permission is disallowed by the /etc/exports configuration).
From the exports(5) man page [SunOS 4.1.3]:
    anon=uid
            If a request comes from an unknown user,
            use uid as the effective user ID. Note:
            root users (uid 0) are always considered
            "unknown" by the NFS server, unless they
            are included in the "root" option below.
            The default value for this option is the
            UID of the user "nobody". If the user
            "nobody" does not exist then the value
            65534 is used. Setting the value of
            "anon" to 65535 disables anonymous
            access. Note: by default secure NFS
            accepts insecure requests as anonymous,
            and those wishing for extra security can
            disable this feature by setting "anon"
            to 65534.
Clearly, using nobody is asking for trouble. Best to stick with the
conventional wisdom of owner root for ~ftp.
David Oppenheimer
davido@phoenix.Princeton.EDU
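As an added illustration, not part of the original post, the exports(5) anon= rule quoted above and the ownership collision it causes can be checked mechanically: the script below parses a constructed SunOS 4-style /etc/exports and a constructed passwd map (both hypothetical sample data), computes the uid unknown and root NFS clients are mapped to on each export, and flags an anonymous-ftp root whose owner shares that uid.

```python
# Constructed sample data (not from the original post): a SunOS 4-style
# /etc/exports and a minimal username -> uid map standing in for /etc/passwd.
SAMPLE_EXPORTS = """\
/home           -access=lab
/export/ftp     -ro,anon=65534
/export/src     -rw=trusted,root=trusted
/export/pub     -ro,anon=65535
"""
SAMPLE_PASSWD = {"root": 0, "ftp": 200, "nobody": 65534}


def parse_exports(text):
    """Return {path: {option: value-or-None}} for each non-blank export line.

    SunOS 4 syntax: '<path> -opt1,opt2=val,...'; '#' starts a comment.
    """
    exports = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split(None, 1)
        opts = {}
        if len(parts) == 2 and parts[1].startswith("-"):
            for opt in parts[1][1:].split(","):
                key, _, val = opt.partition("=")
                opts[key] = val or None
        exports[parts[0]] = opts
    return exports


def effective_anon_uid(opts, passwd):
    """Apply the anon= rule from the man page quoted in the post.

    An explicit anon=uid wins; otherwise the uid of 'nobody', or 65534 when no
    such user exists. Returns None when anon=65535 (anonymous access disabled).
    """
    raw = opts.get("anon")
    uid = int(raw) if raw is not None else passwd.get("nobody", 65534)
    return None if uid == 65535 else uid


def ftp_owner_shares_anon_uid(ftp_owner, exports, passwd):
    """True if the uid owning ~ftp is also the uid that unknown (and root)
    NFS clients are mapped to on some export, i.e. those clients would be
    treated as the owner of the ftp tree."""
    owner_uid = passwd[ftp_owner]
    return any(effective_anon_uid(o, passwd) == owner_uid for o in exports.values())
```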