From owner-freebsd-security  Thu Sep  7  1:57: 8 2000
Delivered-To: freebsd-security@freebsd.org
Received: from nenya.ms.mff.cuni.cz (nenya.ms.mff.cuni.cz [195.113.17.179])
	by hub.freebsd.org (Postfix) with ESMTP id CCD9537B424
	for <freebsd-security@FreeBSD.ORG>; Thu,  7 Sep 2000 01:57:05 -0700 (PDT)
Received: from localhost (mencl@localhost)
	by nenya.ms.mff.cuni.cz (8.9.3+Sun/8.9.1) with ESMTP id KAA24467;
	Thu, 7 Sep 2000 10:56:59 +0200 (MET DST)
Date: Thu, 7 Sep 2000 10:56:59 +0200 (MET DST)
From: "Vladimir Mencl, MK, susSED" <mencl@nenya.ms.mff.cuni.cz>
To: Neil Blakey-Milner <nbm@mithrandr.moria.org>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: UNIX locale format string vulnerability (fwd)
In-Reply-To: <20000907104925.A37872@mithrandr.moria.org>
Message-ID: <Pine.GSO.4.10.10009071052480.11627-100000@nenya.ms.mff.cuni.cz>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Thu, 7 Sep 2000, Neil Blakey-Milner wrote:

> Why would someone install the sudo RedHat package on FreeBSD?
> 

sudo is a FreeBSD port, and is distributed in the set of precompiled
packages, for quite a long time, and is of course included in the package
set of the 4.1 release - sudo-1.6.3.4.tgz

And sudo is a nice tool for delegating certain priviliges to users,
that's why I installed it. It's surely more secure, than telling
everybody the root password - although you have to be careful not to
create a security hole.



			Vladimir Mencl

** reduced Cc: header



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message