Date: Tue, 15 Oct 1996 09:55:08 -0700 From: "M.R.Murphy" <mrm@Mole.ORG> To: bde@zeta.org.au, luigi@labinfo.iet.unipi.it Cc: freebsd-hackers@FreeBSD.org, j@uriah.heep.sax.de Subject: Re: /sbin/init permission Message-ID: <199610151655.JAA22817@meerkat.mole.org>
next in thread | raw e-mail | index | archive | help
> > >> Complete set of standard executables with annoying permissions in > >> -current: > >> > >> -r-x------ 1 bin bin 20480 Oct 2 04:24 /sbin/init > >> -r-sr-x--- 1 root operator 12288 Oct 2 04:26 /sbin/shutdown > >> ---s--x--x 2 root bin 286720 Oct 2 04:19 /usr/bin/sperl4.036 > >> ---s--x--x 2 root bin 286720 Oct 2 04:19 /usr/bin/suidperl > >> -r-sr-x--- 1 uucp uucp 90112 Oct 2 04:09 /usr/libexec/uucp/uuxqt > >> -r-x------ 1 bin bin 12288 Oct 2 04:42 /usr/sbin/watch > >... > >for suid applications there is a reason for being restrictive. For > > I think security by obscurity is the only reason. This doesn't apply > to free software. I'd mention that this is argument by assertion and a misuse of "free" in "free software", but that would be pedantic and a cheap shot :-) If I feel like setting /usr/sbin/watch 0110 root.sys, that's my concern. If I felt strongly about it, I could have a script that does the deed to all the files I care about. Even though I don't have to have an 0111 /bin/cat to comply with my Western Electric license (ultra-scrupulous, I'll admit), there's no reason not to do so if I feel like it. I'm suggesting that the status quo isn't too bad. Let those who care, fix. -- Mike Murphy mrm@Mole.ORG +1 619 598 5874 Better is the enemy of Good
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610151655.JAA22817>