From owner-freebsd-hackers Tue Oct 15 10:30:27 1996
Return-Path: owner-hackers
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id KAA22523 for hackers-outgoing; Tue, 15 Oct 1996 10:30:27 -0700 (PDT)
Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id KAA22116 for ; Tue, 15 Oct 1996 10:25:22 -0700 (PDT)
Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id MAA26147; Tue, 15 Oct 1996 12:23:16 -0500
From: Joe Greco
Message-Id: <199610151723.MAA26147@brasil.moneng.mei.com>
Subject: Re: /sbin/init permission
To: bde@zeta.org.au (Bruce Evans)
Date: Tue, 15 Oct 1996 12:23:16 -0500 (CDT)
Cc: freebsd-hackers@freebsd.org, j@uriah.heep.sax.de
In-Reply-To: <199610151527.BAA14633@godzilla.zeta.org.au> from "Bruce Evans" at Oct 16, 96 01:27:29 am
X-Mailer: ELM [version 2.4 PL24]
Content-Type: text
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> >> -r-sr-x--- 1 root operator 12288 Oct 2 04:26 /sbin/shutdown
> >
> >This one makes sense: any member of group `operator' is allowed to
> >shutdown the system, but nobody else.
>
> It makes no sense for it to be unreadable.

It makes no sense for it to be readable but not executable, I think.

> >> ---s--x--x 2 root bin 286720 Oct 2 04:19 /usr/bin/sperl4.036
> >> ---s--x--x 2 root bin 286720 Oct 2 04:19 /usr/bin/suidperl
> >
> >Old paranoia. SysV UUCP's used to ship with this set of permissions,
> >too. Basically useless if /usr/src is also on the system. :)
>
> Really if the user can files and execute chmod.
>
> >> -r-sr-x--- 1 uucp uucp 90112 Oct 2 04:09 /usr/libexec/uucp/uuxqt
> >
> >Seems to make sense.
>
> It makes no sense for it to be unreadable, and its nonreadability and
> nonexecutability by `other' breaks the usability of an nfs-mounted /usr
> (for the rare case that root wants to run this directly). (If it were
> only readable, then root could copy it and run the copy.)
PLEASE DO NOT MAKE THIS EXECUTABLE BY 'other'.

It is very possible to bring a system to its knees if there is even a
moderate amount of UUCP work by doing

    while true; do
        /usr/libexec/uucp/uuxqt&
    done

You probably do not want to run uuxqt if you have a NFS mounted /usr because
you probably have a NFS mounted /var and Taylor himself says not to run UUCP
on a NFS mounted partition due to locking problems.

If you REALLY want to do this, you can either change the permissions or
create a UUCP administrative account that root can su to. Works fine.

But dropping everyone else's pants to achieve this goal is not cool.

... JG
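
Added example, not part of the original message or of FreeBSD: a small audit that decodes the `ls -l` mode columns quoted in this thread and reports which setuid binaries any local user can run, the condition the reply warns against for uuxqt. The names `parse_mode` and `audit` are hypothetical, and the last sample line is constructed to show uuxqt with execute granted to `other`.

```python
import stat

# Bits for the nine rwx positions of an `ls -l` mode column, in order.
PERM_BITS = [0o400 >> i for i in range(9)]
# Execute positions that can instead show setuid / setgid / sticky.
SPECIAL = {2: ("sS", stat.S_ISUID), 5: ("sS", stat.S_ISGID), 8: ("tT", stat.S_ISVTX)}

def parse_mode(symbolic):
    """Convert a mode column such as '-r-sr-x---' to integer mode bits."""
    perms = symbolic[1:]
    if len(perms) != 9:
        raise ValueError("expected 10-character mode string: %r" % symbolic)
    mode = 0
    for i, ch in enumerate(perms):
        letters, special_bit = SPECIAL.get(i, ("", 0))
        if ch == "-":
            continue
        if ch in letters:
            mode |= special_bit
            if ch.islower():        # lowercase s/t: execute bit is set too
                mode |= PERM_BITS[i]
        elif ch == "rwx"[i % 3]:
            mode |= PERM_BITS[i]
        else:
            raise ValueError("bad character %r in %r" % (ch, symbolic))
    return mode

def audit(ls_line):
    """Return (path, octal mode, findings) for one `ls -l` line."""
    fields = ls_line.split()
    mode, owner, path = parse_mode(fields[0]), fields[2], fields[-1]
    findings = []
    if mode & stat.S_ISUID:
        if mode & stat.S_IXOTH:
            findings.append("setuid-%s, runnable by any local user" % owner)
        else:
            findings.append("setuid-%s, restricted to owner/group" % owner)
    if mode & stat.S_IXOTH and not mode & stat.S_IROTH:
        findings.append("execute-only for other")
    return path, oct(mode & 0o7777), findings

# Listing lines quoted in the thread; the last one is constructed.
SAMPLE = [
    "-r-sr-x--- 1 root operator 12288 Oct 2 04:26 /sbin/shutdown",
    "---s--x--x 2 root bin 286720 Oct 2 04:19 /usr/bin/suidperl",
    "-r-sr-x--- 1 uucp uucp 90112 Oct 2 04:09 /usr/libexec/uucp/uuxqt",
    "-r-sr-xr-x 1 uucp uucp 90112 Oct 2 04:09 /usr/libexec/uucp/uuxqt",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(audit(line))
```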