From owner-cvs-gnu Sun Jun 16 06:15:47 1996 Return-Path: owner-cvs-gnu Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id GAA07155 for cvs-gnu-outgoing; Sun, 16 Jun 1996 06:15:47 -0700 (PDT) Received: (from jkh@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id GAA07134; Sun, 16 Jun 1996 06:15:36 -0700 (PDT) Date: Sun, 16 Jun 1996 06:15:36 -0700 (PDT) From: "Jordan K. Hubbard" Message-Id: <199606161315.GAA07134@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-gnu Subject: cvs commit: src/gnu/usr.bin/groff Makefile src/gnu/usr.bin/groff/xditview ChangeLog DESC Dvi.c Dvi.h DviChar.c DviChar.h DviP.h FontMap GXditview.ad INSTALL Imakefile Makefile Menu.h README TODO XFontName.c XFontName.h device.c device.h draw.c font.c gxditview.man lex.c page.c parse.c xdit.bm xdit_mask.bm xditview.c xtotroff.c Sender: owner-cvs-gnu@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk jkh 96/06/16 06:15:36 Modified: gnu/usr.bin/groff Makefile Removed: gnu/usr.bin/groff/xditview ChangeLog DESC Dvi.c Dvi.h DviChar.c DviChar.h DviP.h FontMap GXditview.ad INSTALL Imakefile Makefile Menu.h README TODO XFontName.c XFontName.h device.c device.h draw.c font.c gxditview.man lex.c page.c parse.c xdit.bm xdit_mask.bm xditview.c xtotroff.c Log: Nuke xditview. It was in the same category as xroach. Screeched-For By: Michael Smith Revision Changes Path 1.6 +1 -1 src/gnu/usr.bin/groff/Makefile From owner-cvs-gnu Fri Jun 21 11:50:09 1996 Return-Path: owner-cvs-gnu Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA12569 for cvs-gnu-outgoing; Fri, 21 Jun 1996 11:50:09 -0700 (PDT) Received: (from ache@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA12434; Fri, 21 Jun 1996 11:49:40 -0700 (PDT) Date: Fri, 21 Jun 1996 11:49:40 -0700 (PDT) From: "Andrey A. Chernov" Message-Id: <199606211849.LAA12434@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-gnu Subject: cvs commit: src/gnu/usr.bin/man/man Makefile man.c Sender: owner-cvs-gnu@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk ache 96/06/21 11:49:39 Modified: gnu/usr.bin/man/man Makefile man.c Log: Close security holes and restore suid bit Restore writting cat's functionality Revision Changes Path 1.16 +2 -0 src/gnu/usr.bin/man/man/Makefile 1.15 +123 -46 src/gnu/usr.bin/man/man/man.c From owner-cvs-gnu Fri Jun 21 23:32:50 1996 Return-Path: owner-cvs-gnu Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id XAA04122 for cvs-gnu-outgoing; Fri, 21 Jun 1996 23:32:50 -0700 (PDT) Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.19]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id XAA04116; Fri, 21 Jun 1996 23:32:45 -0700 (PDT) Received: (from bde@localhost) by godzilla.zeta.org.au (8.6.12/8.6.9) id QAA21238; Sat, 22 Jun 1996 16:29:17 +1000 Date: Sat, 22 Jun 1996 16:29:17 +1000 From: Bruce Evans Message-Id: <199606220629.QAA21238@godzilla.zeta.org.au> To: CVS-committers@freefall.freebsd.org, ache@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-gnu@freefall.freebsd.org Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c Sender: owner-cvs-gnu@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > Modified: gnu/usr.bin/man/man Makefile man.c > Log: > Close security holes and restore suid bit > Restore writting cat's functionality > Revision Changes Path > 1.16 +2 -0 src/gnu/usr.bin/man/man/Makefile > 1.15 +123 -46 src/gnu/usr.bin/man/man/man.c This should have been reviewed. I found a bug easily: $ man -d ls [Nothing interestting] $ su # mkdir /usr/share/man/cat1 # I don't have cat directories # chown man /usr/share/man/cat1 # exit $ man -d ls [Nothing interesting] $ man ls zcat: /usr/share/man/cat1/ls.1.gz: unexpected end of file [file is 0 bytes long] The old version built the cat file normally even in the debugging case. Bruce From owner-cvs-gnu Fri Jun 21 23:59:41 1996 Return-Path: owner-cvs-gnu Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id XAA06120 for cvs-gnu-outgoing; Fri, 21 Jun 1996 23:59:41 -0700 (PDT) Received: (from gpalmer@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id XAA06076; Fri, 21 Jun 1996 23:59:27 -0700 (PDT) Date: Fri, 21 Jun 1996 23:59:27 -0700 (PDT) From: Gary Palmer Message-Id: <199606220659.XAA06076@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-gnu Subject: cvs commit: src/gnu/usr.bin/send-pr send-pr.1 src/gnu/usr.bin/send-pr/doc s-usage.texi Sender: owner-cvs-gnu@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk gpalmer 96/06/21 23:59:26 Modified: gnu/usr.bin/send-pr send-pr.1 gnu/usr.bin/send-pr/doc s-usage.texi Log: Try to make it a bit clearer that our send-pr comes pre-configured with a submitter-id, and that a new one is not required. Revision Changes Path 1.4 +4 -0 src/gnu/usr.bin/send-pr/send-pr.1 1.2 +4 -1 src/gnu/usr.bin/send-pr/doc/s-usage.texi From owner-cvs-gnu Sat Jun 22 00:27:59 1996 Return-Path: owner-cvs-gnu Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id AAA08599 for cvs-gnu-outgoing; Sat, 22 Jun 1996 00:27:59 -0700 (PDT) Received: from palmer.demon.co.uk (palmer.demon.co.uk [158.152.50.150]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id AAA08546; Sat, 22 Jun 1996 00:27:39 -0700 (PDT) Received: from palmer.demon.co.uk (localhost [127.0.0.1]) by palmer.demon.co.uk (sendmail/PALMER-2) with ESMTP id IAA18268; Sat, 22 Jun 1996 08:25:22 +0100 (BST) cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-gnu@freefall.freebsd.org From: "Gary Palmer" Subject: Re: cvs commit: src/gnu/usr.bin/send-pr send-pr.1 src/gnu/usr.bin/send-pr/doc s-usage.texi In-reply-to: Your message of "Fri, 21 Jun 1996 23:59:27 PDT." <199606220659.XAA06076@freefall.freebsd.org> Date: Sat, 22 Jun 1996 08:25:21 +0100 Message-ID: <18266.835428321@palmer.demon.co.uk> Sender: owner-cvs-gnu@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Gary Palmer wrote in message ID <199606220659.XAA06076@freefall.freebsd.org>: > gpalmer 96/06/21 23:59:26 > > Modified: gnu/usr.bin/send-pr send-pr.1 > gnu/usr.bin/send-pr/doc s-usage.texi > Log: > Try to make it a bit clearer that our send-pr comes pre-configured > with a submitter-id, and that a new one is not required. If someone could take a look at these and make any suggestions, I'd appreciate it. We now get several requests a week, and I'd like to put SOMETHING into 2.1.5-RELEASE which makes it clear you don't need to request submitter-id's... Thanks Gary -- Gary Palmer FreeBSD Core Team Member FreeBSD: Turning PC's into workstations. See http://www.FreeBSD.ORG/ for info From owner-cvs-gnu Sat Jun 22 00:46:18 1996 Return-Path: owner-cvs-gnu Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id AAA10095 for cvs-gnu-outgoing; Sat, 22 Jun 1996 00:46:18 -0700 (PDT) Received: from sequent.kiae.su (sequent.kiae.su [144.206.136.6]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id AAA10081; Sat, 22 Jun 1996 00:46:03 -0700 (PDT) Received: by sequent.kiae.su id AA00277 (5.65.kiae-2 ); Sat, 22 Jun 1996 11:40:56 +0400 Received: by sequent.KIAE.su (UUMAIL/2.0); Sat, 22 Jun 96 11:40:55 +0400 Received: (from ache@localhost) by nagual.ru (8.7.5/8.7.3) id LAA01044; Sat, 22 Jun 1996 11:40:03 +0400 (MSD) Message-Id: <199606220740.LAA01044@nagual.ru> Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c To: bde@zeta.org.au (Bruce Evans) Date: Sat, 22 Jun 1996 11:40:03 +0400 (MSD) Cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-gnu@freefall.freebsd.org In-Reply-To: <199606220629.QAA21238@godzilla.zeta.org.au> from "Bruce Evans" at "Jun 22, 96 04:29:17 pm" From: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (Andrey A. Chernov) X-Class: Fast X-Mailer: ELM [version 2.4ME+ PL22 (25)] Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-cvs-gnu@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > $ man -d ls > [Nothing interesting] > $ man ls > zcat: /usr/share/man/cat1/ls.1.gz: unexpected end of file > [file is 0 bytes long] > > The old version built the cat file normally even in the debugging case. I doubt, because no one command executed in debugging case even in old version. Maybe old version not make cat file at all in debugging case. I'll try to look closer and fix it. BTW, this bug isn't security hole :-) -- Andrey A. Chernov http://www.nagual.ru/~ache/ From owner-cvs-gnu Sat Jun 22 01:05:28 1996 Return-Path: owner-cvs-gnu Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id BAA11596 for cvs-gnu-outgoing; Sat, 22 Jun 1996 01:05:28 -0700 (PDT) Received: (from ache@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id BAA11572; Sat, 22 Jun 1996 01:05:15 -0700 (PDT) Date: Sat, 22 Jun 1996 01:05:15 -0700 (PDT) From: "Andrey A. Chernov" Message-Id: <199606220805.BAA11572@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-gnu Subject: cvs commit: src/gnu/usr.bin/man/man man.c Sender: owner-cvs-gnu@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk ache 96/06/22 01:05:14 Modified: gnu/usr.bin/man/man man.c Log: Do not produce empty cat file in debug mode Revision Changes Path 1.16 +10 -2 src/gnu/usr.bin/man/man/man.c From owner-cvs-gnu Sat Jun 22 07:21:58 1996 Return-Path: owner-cvs-gnu Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id HAA03693 for cvs-gnu-outgoing; Sat, 22 Jun 1996 07:21:58 -0700 (PDT) Received: from mail.cs.tu-berlin.de (root@mail.cs.tu-berlin.de [130.149.17.13]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id HAA03681; Sat, 22 Jun 1996 07:21:53 -0700 (PDT) Received: from campa.panke.de (anonymous218.ppp.cs.tu-berlin.de [130.149.17.218]) by mail.cs.tu-berlin.de (8.6.12/8.6.12) with ESMTP id QAA06709; Sat, 22 Jun 1996 16:07:00 +0200 Received: (from wosch@localhost) by campa.panke.de (8.6.12/8.6.12) id NAA00457; Sat, 22 Jun 1996 13:43:22 +0200 Date: Sat, 22 Jun 1996 13:43:22 +0200 From: Wolfram Schneider Message-Id: <199606221143.NAA00457@campa.panke.de> To: Bruce Evans Cc: CVS-committers@freefall.freebsd.org, ache@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-gnu@freefall.freebsd.org Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c In-Reply-To: <199606220629.QAA21238@godzilla.zeta.org.au> References: <199606220629.QAA21238@godzilla.zeta.org.au> Reply-to: Wolfram Schneider MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-cvs-gnu@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Bruce Evans writes: >> Modified: gnu/usr.bin/man/man Makefile man.c >> Log: >> Close security holes and restore suid bit >> Restore writting cat's functionality > >> Revision Changes Path >> 1.16 +2 -0 src/gnu/usr.bin/man/man/Makefile >> 1.15 +123 -46 src/gnu/usr.bin/man/man/man.c > >This should have been reviewed. I thought the general consensus was a sgid man, not suid. Wolfram From owner-cvs-gnu Sat Jun 22 09:02:10 1996 Return-Path: owner-cvs-gnu Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id JAA14652 for cvs-gnu-outgoing; Sat, 22 Jun 1996 09:02:10 -0700 (PDT) Received: from sovcom.kiae.su (sovcom.kiae.su [144.206.136.1]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id JAA14618; Sat, 22 Jun 1996 09:01:52 -0700 (PDT) Received: by sovcom.kiae.su id AA14291 (5.65.kiae-1 ); Sat, 22 Jun 1996 18:59:09 +0300 Received: by sovcom.KIAE.su (UUMAIL/2.0); Sat, 22 Jun 96 18:59:09 +0300 Received: (from ache@localhost) by nagual.ru (8.7.5/8.7.3) id TAA02217; Sat, 22 Jun 1996 19:55:06 +0400 (MSD) Message-Id: <199606221555.TAA02217@nagual.ru> Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c To: wosch@cs.tu-berlin.de Date: Sat, 22 Jun 1996 19:55:06 +0400 (MSD) Cc: bde@zeta.org.au, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-gnu@freefall.freebsd.org In-Reply-To: <199606221143.NAA00457@campa.panke.de> from "Wolfram Schneider" at "Jun 22, 96 01:43:22 pm" From: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (Andrey A. Chernov) X-Class: Fast X-Mailer: ELM [version 2.4ME+ PL22 (25)] Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-cvs-gnu@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk [Charset ISO-8859-1 unsupported, filtering to ASCII...] > Bruce Evans writes: > >> Modified: gnu/usr.bin/man/man Makefile man.c > >> Log: > >> Close security holes and restore suid bit > >> Restore writting cat's functionality > > > >> Revision Changes Path > >> 1.16 +2 -0 src/gnu/usr.bin/man/man/Makefile > >> 1.15 +123 -46 src/gnu/usr.bin/man/man/man.c > > > >This should have been reviewed. > > I thought the general consensus was a sgid man, not suid. I don't see how sgid man can be better than suid man now, but I see that sgid man requires additional changes in the permissions and man utils. I don't hear that it is general consensus too. -- Andrey A. Chernov http://www.nagual.ru/~ache/ From owner-cvs-gnu Sat Jun 22 10:51:43 1996 Return-Path: owner-cvs-gnu Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id KAA23091 for cvs-gnu-outgoing; Sat, 22 Jun 1996 10:51:43 -0700 (PDT) Received: from precipice.shockwave.com (ppp-5-75.rdcy01.pacbell.net [206.170.5.75]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id KAA23078; Sat, 22 Jun 1996 10:51:37 -0700 (PDT) Received: from shockwave.com (localhost.shockwave.com [127.0.0.1]) by precipice.shockwave.com (8.7.5/8.7.3) with ESMTP id KAA22886; Sat, 22 Jun 1996 10:51:11 -0700 (PDT) Message-Id: <199606221751.KAA22886@precipice.shockwave.com> To: Bruce Evans , ache@freebsd.org cc: CVS-committers@freefall.freebsd.org, ache@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-gnu@freefall.freebsd.org Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c In-reply-to: Your message of "Sat, 22 Jun 1996 16:29:17 +1000." <199606220629.QAA21238@godzilla.zeta.org.au> Date: Sat, 22 Jun 1996 10:51:11 -0700 From: Paul Traina Sender: owner-cvs-gnu@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Andrew asked me to review it, and I started to do so, found security problems with it and never got back to him in a timely manner. My fault. Andrew, please back these changes out, I'm sorry, I'm totally swamped with the new job, but I will absolutely positively get back to you next week. Paul From: Bruce Evans Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c > Modified: gnu/usr.bin/man/man Makefile man.c > Log: > Close security holes and restore suid bit > Restore writting cat's functionality > Revision Changes Path > 1.16 +2 -0 src/gnu/usr.bin/man/man/Makefile > 1.15 +123 -46 src/gnu/usr.bin/man/man/man.c This should have been reviewed. I found a bug easily: $ man -d ls [Nothing interestting] $ su # mkdir /usr/share/man/cat1 # I don't have cat directories # chown man /usr/share/man/cat1 # exit $ man -d ls [Nothing interesting] $ man ls zcat: /usr/share/man/cat1/ls.1.gz: unexpected end of file [file is 0 bytes long] The old version built the cat file normally even in the debugging case. Bruce From owner-cvs-gnu Sat Jun 22 12:03:19 1996 Return-Path: owner-cvs-gnu Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA01520 for cvs-gnu-outgoing; Sat, 22 Jun 1996 12:03:19 -0700 (PDT) Received: from mail.cs.tu-berlin.de (root@mail.cs.tu-berlin.de [130.149.17.13]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id MAA01458; Sat, 22 Jun 1996 12:02:55 -0700 (PDT) Received: from campa.panke.de (anonymous231.ppp.cs.tu-berlin.de [130.149.17.231]) by mail.cs.tu-berlin.de (8.6.12/8.6.12) with ESMTP id UAA13693; Sat, 22 Jun 1996 20:58:12 +0200 Received: (from wosch@localhost) by campa.panke.de (8.6.12/8.6.12) id UAA07135; Sat, 22 Jun 1996 20:39:21 +0200 Date: Sat, 22 Jun 1996 20:39:21 +0200 From: Wolfram Schneider Message-Id: <199606221839.UAA07135@campa.panke.de> To: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (Andrey A. Chernov) Cc: bde@zeta.org.au, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-gnu@freefall.freebsd.org Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c In-Reply-To: <199606221555.TAA02217@nagual.ru> References: <199606221143.NAA00457@campa.panke.de> <199606221555.TAA02217@nagual.ru> Reply-to: Wolfram Schneider MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-cvs-gnu@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk KOI8-R writes: >> I thought the general consensus was a sgid man, not suid. > >I don't see how sgid man can be better than suid man now, Security, security, security. Principle of least privilege. >but I see >that sgid man requires additional changes in the permissions >and man utils. minor changes. >I don't hear that it is general consensus too. Look into the mailing list archive. Wolfram From owner-cvs-gnu Sat Jun 22 12:35:07 1996 Return-Path: owner-cvs-gnu Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA04434 for cvs-gnu-outgoing; Sat, 22 Jun 1996 12:35:07 -0700 (PDT) Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.19]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id MAA04406; Sat, 22 Jun 1996 12:34:57 -0700 (PDT) Received: (from bde@localhost) by godzilla.zeta.org.au (8.6.12/8.6.9) id FAA09478; Sun, 23 Jun 1996 05:19:59 +1000 Date: Sun, 23 Jun 1996 05:19:59 +1000 From: Bruce Evans Message-Id: <199606221919.FAA09478@godzilla.zeta.org.au> To: ache@nagual.ru, wosch@cs.tu-berlin.de Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c Cc: CVS-committers@freefall.freebsd.org, bde@zeta.org.au, cvs-all@freefall.freebsd.org, cvs-gnu@freefall.freebsd.org Sender: owner-cvs-gnu@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk >KOI8-R writes: >>> I thought the general consensus was a sgid man, not suid. >> >>I don't see how sgid man can be better than suid man now, >Security, security, security. Principle of least privilege. In that case, isn't suid man better? Group man would have to be able to access exactly the same things as user man does now, it's easier to make a mistake with a group by putting too many users in it. Bruce From owner-cvs-gnu Sat Jun 22 14:10:33 1996 Return-Path: owner-cvs-gnu Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA09235 for cvs-gnu-outgoing; Sat, 22 Jun 1996 14:10:33 -0700 (PDT) Received: (from ache@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA09209; Sat, 22 Jun 1996 14:10:23 -0700 (PDT) Date: Sat, 22 Jun 1996 14:10:23 -0700 (PDT) From: "Andrey A. Chernov" Message-Id: <199606222110.OAA09209@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-gnu Subject: cvs commit: src/gnu/usr.bin/man/man Makefile man.c Sender: owner-cvs-gnu@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk ache 96/06/22 14:10:22 Modified: gnu/usr.bin/man/man Makefile man.c Log: Back out security changes until pst review them Revision Changes Path 1.17 +0 -2 src/gnu/usr.bin/man/man/Makefile 1.17 +45 -130 src/gnu/usr.bin/man/man/man.c From owner-cvs-gnu Sat Jun 22 14:12:35 1996 Return-Path: owner-cvs-gnu Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA09354 for cvs-gnu-outgoing; Sat, 22 Jun 1996 14:12:35 -0700 (PDT) Received: from sequent.kiae.su (sequent.kiae.su [144.206.136.6]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id OAA09339; Sat, 22 Jun 1996 14:12:14 -0700 (PDT) Received: by sequent.kiae.su id AA20680 (5.65.kiae-2 ); Sun, 23 Jun 1996 01:06:58 +0400 Received: by sequent.KIAE.su (UUMAIL/2.0); Sun, 23 Jun 96 01:06:57 +0400 Received: (from ache@localhost) by nagual.ru (8.7.5/8.7.3) id AAA00484; Sun, 23 Jun 1996 00:56:07 +0400 (MSD) Message-Id: <199606222056.AAA00484@nagual.ru> Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c To: wosch@cs.tu-berlin.de Date: Sun, 23 Jun 1996 00:56:06 +0400 (MSD) Cc: bde@zeta.org.au, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-gnu@freefall.freebsd.org In-Reply-To: <199606221839.UAA07135@campa.panke.de> from "Wolfram Schneider" at "Jun 22, 96 08:39:21 pm" From: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (Andrey A. Chernov) X-Class: Fast X-Mailer: ELM [version 2.4ME+ PL22 (25)] Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-cvs-gnu@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk [Charset ISO-8859-1 unsupported, filtering to ASCII...] > KOI8-R writes: > >> I thought the general consensus was a sgid man, not suid. > > > >I don't see how sgid man can be better than suid man now, > > Security, security, security. Principle of least privilege. sgid man decreases security in current variant, it is pretty clear. group > single user > >but I see > >that sgid man requires additional changes in the permissions > >and man utils. > > minor changes. [any word you like] changes is additional ones. > >I don't hear that it is general consensus too. > > Look into the mailing list archive. Just look and found only your idea of doing that. -- Andrey A. Chernov http://www.nagual.ru/~ache/ From owner-cvs-gnu Sat Jun 22 14:18:47 1996 Return-Path: owner-cvs-gnu Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA09838 for cvs-gnu-outgoing; Sat, 22 Jun 1996 14:18:47 -0700 (PDT) Received: from sequent.kiae.su (sequent.kiae.su [144.206.136.6]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id OAA09796; Sat, 22 Jun 1996 14:18:19 -0700 (PDT) Received: by sequent.kiae.su id AA20690 (5.65.kiae-2 ); Sun, 23 Jun 1996 01:07:03 +0400 Received: by sequent.KIAE.su (UUMAIL/2.0); Sun, 23 Jun 96 01:07:02 +0400 Received: (from ache@localhost) by nagual.ru (8.7.5/8.7.3) id BAA00502; Sun, 23 Jun 1996 01:01:57 +0400 (MSD) Message-Id: <199606222101.BAA00502@nagual.ru> Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c To: pst@shockwave.com (Paul Traina) Date: Sun, 23 Jun 1996 01:01:57 +0400 (MSD) Cc: bde@zeta.org.au, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-gnu@freefall.freebsd.org In-Reply-To: <199606221751.KAA22886@precipice.shockwave.com> from "Paul Traina" at "Jun 22, 96 10:51:11 am" From: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (Andrey A. Chernov) X-Class: Fast X-Mailer: ELM [version 2.4ME+ PL22 (25)] Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-cvs-gnu@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > Andrew asked me to review it, and I started to do so, found security > problems with it and never got back to him in a timely manner. My fault. > > Andrew, please back these changes out, I'm sorry, I'm totally swamped with > the new job, but I will absolutely positively get back to you next week. Well, I'll back them out until end of the next week. I made additional changes according to error found by Bruce, so I'll send more updated patch to you ASAP. -- Andrey A. Chernov http://www.nagual.ru/~ache/ From owner-cvs-gnu Sat Jun 22 14:32:04 1996 Return-Path: owner-cvs-gnu Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA10779 for cvs-gnu-outgoing; Sat, 22 Jun 1996 14:32:04 -0700 (PDT) Received: from precipice.shockwave.com (ppp-5-75.rdcy01.pacbell.net [206.170.5.75]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA10717; Sat, 22 Jun 1996 14:31:43 -0700 (PDT) Received: from shockwave.com (localhost.shockwave.com [127.0.0.1]) by precipice.shockwave.com (8.7.5/8.7.3) with ESMTP id OAA24638; Sat, 22 Jun 1996 14:31:01 -0700 (PDT) Message-Id: <199606222131.OAA24638@precipice.shockwave.com> To: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (Andrey A. Chernov) cc: bde@zeta.org.au, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-gnu@freefall.freebsd.org Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c In-reply-to: Your message of "Sun, 23 Jun 1996 01:01:57 +0400." <199606222101.BAA00502@nagual.ru> Date: Sat, 22 Jun 1996 14:31:01 -0700 From: Paul Traina Sender: owner-cvs-gnu@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Thanks, I'm really sorry I didn't respond to you earlier, it's entirely my fault. :-( Paul From: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (Andrey A. Chernov) >> Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c > Andrew asked me to review it, and I started to do so, found security > problems with it and never got back to him in a timely manner. My fault. > > Andrew, please back these changes out, I'm sorry, I'm totally swamped with > the new job, but I will absolutely positively get back to you next week. Well, I'll back them out until end of the next week. I made additional changes according to error found by Bruce, so I'll send more updated patch to you ASAP. -- Andrey A. Chernov http://www.nagual.ru/~ache/