From owner-cvs-all  Wed Jul  5 13:46:29 2000
Delivered-To: cvs-all@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
	by hub.freebsd.org (Postfix) with ESMTP
	id 3B98537BFF4; Wed,  5 Jul 2000 13:46:25 -0700 (PDT)
	(envelope-from kris@FreeBSD.org)
Received: from localhost (kris@localhost)
	by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id NAA73700;
	Wed, 5 Jul 2000 13:46:25 -0700 (PDT)
	(envelope-from kris@FreeBSD.org)
X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs
Date: Wed, 5 Jul 2000 13:46:25 -0700 (PDT)
From: Kris Kennaway <kris@FreeBSD.org>
To: "Jordan K. Hubbard" <jkh@zippy.osd.bsdi.com>
Cc: Jean-Marc Zucconi <jmz@FreeBSD.org>,
	Alfred Perlstein <bright@wintelcom.net>, cvs-committers@FreeBSD.org,
	cvs-all@FreeBSD.org
Subject: Re: cvs commit: ports/x11/XFree86-4 Makefile 
In-Reply-To: <42293.962828386@localhost>
Message-ID: <Pine.BSF.4.21.0007051345220.36226-100000@freefall.freebsd.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, 5 Jul 2000, Jordan K. Hubbard wrote:

> > They have fixed the _known_ holes but the server is still setuid
> > root so the possibility of undiscovered security bugs remains.
> 
> Which is all that can be said for *any* setuid root binary in FreeBSD. :-)

We don't have any setuid root binaries which are this complex and fearsome
:-)

Kris

--
In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe <forsythe@alum.mit.edu>



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message