From owner-cvs-all@FreeBSD.ORG  Tue Mar  2 10:33:23 2004
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id F369416A4E7
	for <cvs-all@FreeBSD.org>; Tue,  2 Mar 2004 10:33:22 -0800 (PST)
Received: from mailhub1.midco.net (mailhub1.midco.net [24.220.0.32])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 85B4C43D5C
	for <cvs-all@FreeBSD.org>; Tue,  2 Mar 2004 10:33:22 -0800 (PST)
	(envelope-from pmes@bis.midco.net)
Received: (qmail 16973 invoked by uid 0); 2 Mar 2004 18:33:22 -0000
Received: from host-195-219-220-24.midco.net (HELO bis.midco.net)
	([24.220.219.195])          (envelope-sender <pmes@bis.midco.net>)
	by lvs-pop.midco.net (qmail-ldap-1.03) with SMTP
	for <nectar@FreeBSD.org>; 2 Mar 2004 18:33:22 -0000
Message-ID: <4044D371.7030803@bis.midco.net>
Date: Tue, 02 Mar 2004 12:33:21 -0600
From: Peter Schultz <pmes@bis.midco.net>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7a) Gecko/20040227
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: "Jacques A. Vidrine" <nectar@FreeBSD.org>
References: <20040302153831.GK13724@sirius.firepipe.net>
	<200403021553.i22Frvhr030302@green.homeunix.org>
	<20040302161147.GK27008@FreeBSD.org> <20040302175511.GD1377@lum.celabo.org>
In-Reply-To: <20040302175511.GD1377@lum.celabo.org>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
cc: "Brian F. Feldman" <green@FreeBSD.org>
cc: Michael Nottebrock <lofi@FreeBSD.org>
cc: cvs-all@FreeBSD.org
cc: ports-committers@FreeBSD.org
cc: Eivind Eklund <eivind@FreeBSD.org>
cc: Will Andrews <will@csociety.org>
cc: cvs-ports@FreeBSD.org
cc: Michael Nottebrock <michaelnottebrock@gmx.net>
Subject: Re: cvs commit: ports/audio/arts Makefile
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Mar 2004 18:33:23 -0000

I've always assumed XFree86 to be inherently insecure.  I just found 
these SUID files outside base on my machine:

/usr/X11R6/bin/xterm
/usr/X11R6/bin/xscreensaver
/usr/X11R6/bin/Xwrapper-4
/usr/X11R6/libexec/gnome-pty-helper

I wouldn't soil myself if artswrapper was listed here.  I thought I'd 
find a lot more than four, actually.  But this is still a fairly fresh 
install, I started clean after the gettext and libpthread issues.

Pete...