From: wietse@wzv.win.tue.nl (Wietse Venema)
Newsgroups: alt.sys.sun,alt.security
Subject: Re: What breaks if /etc is not owned by bin?
Message-ID: <2585@wzv.win.tue.nl>
Date: 6 Sep 91 21:50:58 GMT
References: <1991Sep06.135810.320@donau.et.tudelft.nl>
Organization: Eindhoven University of Technology, The Netherlands

wolff@dutecaj.et.tudelft.nl (Rogier Wolff) writes:

>It strikes me that /etc is owned by bin. This makes it very easy for
>attacks over NFS to break "root". 
>[...]
>- What would break (if anything) if we 
>	chown root /dev /etc /usr/etc /var/yp /tmp /var /var/adm

As far as I know, nothing breaks if you chown root /* /usr/{lib,etc}.
That is what we do here routinely (SunOS 4.1.[01]).  "chmod go-w" does
not hurt either, except for things that should be world-writable.

A few more ideas:

"umask 022" at the start of our /etc/rc* files also gives no problems.
Examine your /etc/inetd.conf file. Do all those daemons really have to
be run with root privilege?  Does your kernel accept NFS requests from
non-privileged ports (*)? There is a lot more that can be done without
breaking things.

(*) This and other stuff is conditionalized on the presence or absence
of /etc/security/passwd.adjunct. We modified rc.local to always choose
the less insecure mode. Until today, nothing got broken.