Context Navigation

← Previous Change
Next Change →

Changeset 5e18c49c for basicnet

Timestamp:

10/04/2003 02:23:39 PM (21 years ago)

Author:

Larry Lawrence <larry@…>

Branches:

10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 6.0, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, v5_0, v5_0-pre1, v5_1, v5_1-pre1, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal

Children:

Parents:

Message:

compound word edits, a2ps expanded intro

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1303 af4574ff-66df-0310-9fd7-8a98e5e911e0

Location:

Files:

: 6 edited

djb/daemontools/daemontools-desc.xml (modified) (1 diff)
netlibs/curl/curl-intro.xml (modified) (1 diff)
netprogs/cvs/cvs-desc.xml (modified) (1 diff)
netprogs/inetutils/inetutils-desc.xml (modified) (1 diff)
netprogs/tcpwrappers/tcpwrappers-desc.xml (modified) (1 diff)
netutils/traceroute/traceroute-exp.xml (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

basicnet/djb/daemontools/daemontools-desc.xml

-              r5fd03d2
+              r5e18c49c
 <sect3><title>setuidgid</title>
 <para><command>setuidgid</command> runs a specified program under a given
 account's uid and gid.</para></sect3>
+account's <acronym>UID</acronym> and <acronym>GID</acronym>.</para></sect3>
 <sect3><title>envuidgid</title>
 <para><command>envuidgid</command> performs the same function as setuidgid,
 but sets environment variables <envar>UID</envar> and <envar>GID</envar> equal
 to the uid and gid of the account specified.</para></sect3>
+to the <acronym>UID</acronym> and <acronym>GID</acronym> of the account specified.</para></sect3>
 <sect3><title>envdir</title>

basicnet/netlibs/curl/curl-intro.xml

r5fd03d2	r5e18c49c
7	7	For example, <command>curl http://curl.haxx.se/download/curl-&curl-version;.tar.gz >
8	8	curl-&curl-version;.tar.gz</command> would download this program's
9		~~tar~~ball to the current directory. This ability to both download and
	9	<acronym>TAR</acronym> ball to the current directory. This ability to both download and
10	10	redirect files can be incorporated into other programs to support
11	11	functions like streaming media.</para>

basicnet/netprogs/cvs/cvs-desc.xml

r5fd03d2	r5e18c49c
20	20
21	21	<sect3><title>rcs2log</title>
22		<para><acronym>RCS</acronym> to ChangeLog generator.</para></sect3>
	22	<para><acronym>RCS</acronym> to Change Log generator.</para></sect3>
23	23
24	24	</sect2>

basicnet/netprogs/inetutils/inetutils-desc.xml

r5fd03d2	r5e18c49c
47	47
48	48	<sect3><title>inetd</title>
49		<para><command>inetd</command> is a internet super-server.</para></sect3>
	49	<para><command>inetd</command> is a Internet super-server.</para></sect3>
50	50
51	51	<sect3><title>rexecd</title>

basicnet/netprogs/tcpwrappers/tcpwrappers-desc.xml

r5fd03d2	r5e18c49c
11	11	<sect3><title>tcpd</title>
12	12	<para><command>tcpd</command> is the main access control daemon for all
13		internet services, which <command>inetd</command> or
	13	Internet services, which <command>inetd</command> or
14	14	<command>xinetd</command> will run instead of running the
15	15	requested service daemon.</para></sect3>

basicnet/netutils/traceroute/traceroute-exp.xml

-              r5fd03d2
+              r5e18c49c
 <para><command>make install</command>: Installs <command>traceroute</command>
 setuid root in the <filename>/usr/sbin</filename> directory. This makes it
+with <acronym>UID</acronym> set to  root in the <filename>/usr/sbin</filename> directory. This makes it
 possible for all users to execute <command>traceroute</command>. For absolute
 security, turn off the setuid bit in <command>traceroute</command>'s file
+security, turn off the <acronym>SUID</acronym> bit in <command>traceroute</command>'s file
 permissions with the command:
 <screen><command>chmod 0755 /usr/sbin/traceroute</command></screen></para>
 …
 <para>The risk is that if a security problem such as a buffer overflow were
 ever found in the <application>Traceroute</application> code, a regular user
+on your system could gain root access if the program is setuid root. Removing
+the setuid permission of course also makes it impossible for users other than
+on your system could gain root access if the program is
+<acronym>SUID</acronym> root. Removing
+the <acronym>SUID</acronym> permission of course also makes it impossible for users other than
 root to utilize <command>traceroute</command>, so decide what's right for your
 individual situation.</para>
 <para>Now, to be completely <acronym>FHS</acronym> compliant, as is our aim, if
+you do leave the <command>traceroute</command> binary setuid root, then you
+you do leave the <command>traceroute</command> binary
+<acronym>SUID</acronym> root, then you
 should move <filename>traceroute</filename> to <filename>/usr/bin</filename>
 with the following command:

Note: See TracChangeset for help on using the changeset viewer.

Download in other formats: