Date: Fri, 9 Jul 1999 15:10:39 -0700 (PDT) From: Cliff Skolnick <cliff@steam.com> To: Dag-Erling Smorgrav <des@flood.ping.uio.no> Cc: Warner Losh <imp@village.org>, Gustavo V G C Rios <kernel@tdnet.com.br>, security@FreeBSD.ORG, bos-owner-br@sekure.org Subject: Re: suid/guid Message-ID: <Pine.BSF.4.10.9907091505140.2365-100000@lazlo.internal.steam.com> In-Reply-To: <xzpr9mhr3oo.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
I have cron jobs that want this info, and I would rather not run my cron jobs as root. IMHO a few setuid root, or setgid something executables are way better than setuid root cron scripts. I usually run my cron jobs as normal user like accounts, but I guess I could add groups to these specific accounts if needed. Better than root, but the account now has a higher class that normal users so it becomes an attractive target. Cliff On 9 Jul 1999, Dag-Erling Smorgrav wrote: > Warner Losh <imp@village.org> writes: > > Agreed. I'm also starting to think that a system-wide tunable that > > would turn off almost all of the set[ug]id installation. Almost > > nobody needs setuidperl, for example. If df is installed w/o setgid > > operator, almost no functionality is lost. etc. Of course exatly > > what would be lost would be documented. Comments? > > None on the general concept - but one on the specific example: who > except root needs to know what df(1) can report when sgid operator? > > DES > -- > Dag-Erling Smorgrav - des@flood.ping.uio.no > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > -- Cliff Skolnick | "They that can give up essential liberty to obtain Steam Tunnel Operations | a little temporary safety deserve neither liberty cliff@steam.com | nor safety." http://www.steam.com/ | -- Benjamin Franklin, 1759 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9907091505140.2365-100000>