"Pat Myrto" has been known to say: > >There is a patch, that is nothing more than a script that improves >the perms that is available, at least for SunOS 4.1.x. As you point out >it changes /etc/ from bin to root, and the same with a lot of other >subdirs. How complete it is, I don't know but it is far better than >the original. > To get the permissions right under SunOS you have to do it yourself mount: / rw,nosuid /usr ro /var rw,nosuid /home rw,nosuid /tmp rw,nosuid /usr/local ro and for automount/afs users: /net rw,nosuid,nodev this way there is not place to install a setuid program/backdoor and most of the system binaries are on a readonly partition. as for sun automount (afs is better :-) I find most sites that setup /net forget to disable setuid, thus anyone can get root my typing the command: /net/unsecure.host.another.dom/tmp/make_be_root