From owner-freebsd-ports  Fri Oct 19 10: 8: 4 2001
Delivered-To: freebsd-ports@freebsd.org
Received: from squall.waterspout.com (squall.waterspout.com [208.13.56.12])
	by hub.freebsd.org (Postfix) with ESMTP
	id 5C4A037B401; Fri, 19 Oct 2001 10:07:58 -0700 (PDT)
Received: by squall.waterspout.com (Postfix, from userid 1050)
	id 9A34F9B19; Fri, 19 Oct 2001 12:07:06 -0500 (EST)
Date: Fri, 19 Oct 2001 12:07:06 -0500
From: Will Andrews <will@physics.purdue.edu>
To: security@FreeBSD.org, ports@FreeBSD.org
Cc: kde@FreeBSD.org
Message-ID: <20011019120706.T25747@squall.waterspout.com>
Reply-To: Will Andrews <will@physics.purdue.edu>
Mail-Followup-To: security@FreeBSD.org, ports@FreeBSD.org,
	kde@FreeBSD.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.3.22.1i
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-ports.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-ports>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-ports>
X-Loop: FreeBSD.org

OK, so I keep getting mail every now and then from people who
can't figure out why kcheckpass / kscreensaver won't authenticate
their password(s).  It's because I decided to play it safe and
made kcheckpass non setuid root, which it needs in order to call
getpwnam().

But now I'm tired of getting these emails from people who don't
notice the message that kdebase spouts about it.  I want to know
if people think it's a safe "risk" to give kcheckpass setuid root
privileges so it Just Works(tm) when people try KDE.

-- 
wca

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message