[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Permissions Required On hosts.allow ?

Joe Moore wrote:
> As to your later message:
> setgroups() and initgroups() are not necessary.  Already UID telnetd is able
> to write to /var/run/utmp because of its membership in GID utmp.

>   If they run as a user not listed for tcpwrap (such as an interactive
> user), they will not be able to read /etc/hosts.allow.  This may be a very
> good thing:
> If /etc/hosts.allow is unreadable, and /etc/hosts.deny has ALL:ALL, tcpwrap
> will prevent all connections.  This is desirable if you want a more secure
> system.  This means that if you have not added telnetd to the tcpwrap group,
> in.telnetd will not accept connections from anywhere, even if it's
> accidentally (or intentionally) started (by a malicious? user)

!!!  Talk about a convoluted approach.  If you want services which
happen to use tcp wrappers and which happen to have been started
without your knowledge to reject connections by default just don't use
wildcards (ALL:) in hosts.allow.  List every daemon explicitly.  Don't
rely on the side effects of misconfiguration to do something that the
framework already allows.

I'll say this one more time: the system isn't that broken, stop trying
to fix it.  There is no legitimate reason to jump through all these
hoops just to hide your tcp wrappers configuration from your local
users.  If the requirements for your host dictate minimal access
rights use an access control system thats been designed to achieve it
without creating a huge mess.

Jamie Heilman                   http://audible.transient.net/~jamie/
"Most people wouldn't know music if it came up and bit them on the ass."
                                                        -Frank Zappa

Reply to: