On Thursday 17 September 2009 19:55:33 Ruben de Groot wrote: > On Thu, Sep 17, 2009 at 07:14:29PM +0200, Mel Flynn typed: > > On Wednesday 16 September 2009 21:18:03 Tom Worster wrote: > > > On 9/16/09 2:37 PM, "Mel Flynn" > > > > > > <mel.flynn+fbsd.questi...@mailing.thruhere.net> wrote: > > > > On Wednesday 16 September 2009 20:21:40 Chris Cowart wrote: > > > >> Tom Worster wrote: > > > >>> thanks, Mel, that's good to know. > > > >>> > > > >>> i think your suggestion of modifying rc.conf will turn out to be a > > > >>> tidy solution for me. > > > >> > > > >> You could also just put: > > > >> > > > >> sshd_flags="-o X11Forwarding=no" > > > >> > > > >> into your /etc/rc.conf file. > > > > > > > > What he wants is passing arguments without touching config files, > > > > which I find myself needing sometimes as well, on machines where > > > > static partitions are mounted read-only + kern.secure_level. > > > > > > that's right. > > > > > > when i read in 11.7 of the handbook: "Since the rc.d system is > > > primarily intended to start/stop services at system startup/shutdown > > > time, ..." i thought: maybe i'm making things hard by trying to use > > > rc.d scripts when i could just execute the daemon's binary. > > > > One downside I forgot to mention: > > You do open yourself up now to SSHD_FLAGS="-o AllowRoot=yes", so you may > > need to complicate the logic a bit more, by sanitizing SSHD_FLAGS. > > Please explain how this can be exploited by a non-root user?
By adding this to .profile of compromised wheel account and waiting for him to run sudo -E or using an older version of sudo. Yes, it's an unlikely path. More to the point, it defeats having ro mounted /etc + secure level, since no reboot is required to modify the running sshd, so you're compromising your failsafe. -- Mel _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
