From owner-cvs-all  Tue Apr  9 18: 2:40 2002
Delivered-To: cvs-all@freebsd.org
Received: from pebkac.owp.csus.edu (pebkac.owp.csus.edu [130.86.232.245])
	by hub.freebsd.org (Postfix) with ESMTP
	id 7ECA437B417; Tue,  9 Apr 2002 18:02:35 -0700 (PDT)
Received: (from root@localhost)
	by pebkac.owp.csus.edu (8.9.3/8.9.3) id SAA39299;
	Tue, 9 Apr 2002 18:05:42 -0700 (PDT)
	(envelope-from joseph.scott@owp.csus.edu)
Received: from localhost (scottj@localhost)
	by pebkac.owp.csus.edu (8.9.3/8.9.3av) with ESMTP id SAA39292;
	Tue, 9 Apr 2002 18:05:40 -0700 (PDT)
	(envelope-from joseph.scott@owp.csus.edu)
Date: Tue, 9 Apr 2002 18:05:40 -0700 (PDT)
From: Joseph Scott <joseph@randomnetworks.com>
X-Sender: scottj@pebkac.owp.csus.edu
To: "David O'Brien" <obrien@freebsd.org>
Cc: Bosko Milekic <bmilekic@freebsd.org>, cvs-committers@freebsd.org,
	cvs-all@freebsd.org
Subject: Re: cvs commit: src/bin Makefile src/share/examples/etc make.conf
 src/usr.bin Makefile
In-Reply-To: <20020409172242.A45459@dragon.nuxi.com>
Message-ID: <Pine.BSF.4.21.0204091802060.39190-100000@pebkac.owp.csus.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Virus-Scanned: by AMaViS perl-10
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG


On Tue, 9 Apr 2002, David O'Brien wrote:

# On Tue, Apr 09, 2002 at 11:25:47AM -0700, Bosko Milekic wrote:
# >     bin                  Makefile 
# >     share/examples/etc   make.conf 
# >     usr.bin              Makefile 
# >   Log:
# >   Introduce NO_RCMNDS flag so as to not compile rsh, rlogin, and rcp on will,
# >   and document in share/examples/etc/make.conf
# 
# This is going too far -- are we soon going to have NO_LS ??
# What is the problem with compiling rsh/rlogin/rcp?  I can not think of
# any good reason.  Are you trying to reduce the number of set UID
# binaries?  Why not add a NO_SUID knob and catch everything?

	That's an interesting idea.  If there was a running list of what's
normally suid then admins could go through and only set suid on programs
of their choice.

	Which of course brings up the question, if NO_SUID is set, should
a port that wants to install a suid program be allowed to?  Or should it
ask if you still want to continue with the install?  Ug, perhaps a IS_SUID
for ports :-/

-Joseph	


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message