From owner-freebsd-stable  Sat Oct  7 22:17:55 2000
Delivered-To: freebsd-stable@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49])
	by hub.freebsd.org (Postfix) with ESMTP id 9739D37B502
	for <stable@FreeBSD.ORG>; Sat,  7 Oct 2000 22:17:53 -0700 (PDT)
Received: from harmony.village.org (harmony.village.org [10.0.0.6])
	by rover.village.org (8.11.0/8.11.0) with ESMTP id e985HqY01427;
	Sat, 7 Oct 2000 23:17:52 -0600 (MDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id XAA02711; Sat, 7 Oct 2000 23:17:51 -0600 (MDT)
Message-Id: <200010080517.XAA02711@harmony.village.org>
To: Frank Tobin <ftobin@uiuc.edu>
Subject: Re: Security problem with "script"? 
Cc: FreeBSD-Stable <stable@FreeBSD.ORG>
In-reply-to: Your message of "Sat, 07 Oct 2000 23:05:21 CDT."
		<Pine.BSF.4.21.0010072304100.17477-100000@localhost> 
References: <Pine.BSF.4.21.0010072304100.17477-100000@localhost>  
Date: Sat, 07 Oct 2000 23:17:51 -0600
From: Warner Losh <imp@village.org>
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <Pine.BSF.4.21.0010072304100.17477-100000@localhost> Frank Tobin writes:
: Along the same lines, don't give a user sudo access to just run "xemacs",
: unless you want them playing Tetris as root.  Oh, wait...that's not the
: worst thing they can do :)

Yea.  They could cheat and edit the Tetris high scores file :-)

Warner


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message