From owner-freebsd-hackers Mon May 19 08:35:45 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id IAA27740 for hackers-outgoing; Mon, 19 May 1997 08:35:45 -0700 (PDT)
Received: from ns.cs.msu.su (laskavy@redsun.cs.msu.su [158.250.10.2]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id IAA27710 for ; Mon, 19 May 1997 08:35:33 -0700 (PDT)
Received: (from laskavy@localhost) by ns.cs.msu.su (8.8.5/8.6.12) id TAA23174 for hackers@FreeBSD.ORG; Mon, 19 May 1997 19:35:35 +0400 (DST)
Date: Mon, 19 May 1997 19:35:35 +0400 (DST)
From: "Sergei S. Laskavy"
Message-Id: <199705191535.TAA23174@ns.cs.msu.su>
To: hackers@FreeBSD.ORG
Subject: drwxr-xr-x 2 bin bin /usr/sbin
Sender: owner-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

eric@Sendmail.ORG said that

+----------------------------------------------+
| For security reasons, /, /usr, and /usr/sbin |
| should be owned by root, mode 755.           |
+----------------------------------------------+

I think that someone can gain "bin" and then replace
/usr/sbin/GOOD_PROGGY by /usr/sbin/EVIL_PROGGY
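
An audit for the condition discussed in the message above, as an added example that is not part of the original e-mail: it checks /usr/sbin and each of its parent directories for an owner other than root and for group or world write permission. The function names `check_dir` and `audit_chain`, and the choice of uid 0 as the only trusted owner, are assumptions of this example.

```python
import os
import stat
import sys
from pathlib import Path


def check_dir(path, trusted_uids=frozenset({0})):
    """Return a list of problems with one directory (empty list means OK)."""
    st = os.stat(path)
    problems = []
    # Whoever owns a directory can rename or replace the entries inside it,
    # even entries that are themselves owned by root.
    if st.st_uid not in trusted_uids:
        problems.append(f"owned by uid {st.st_uid}, not a trusted uid")
    # Mode 755 means no write bit for group or other.
    if st.st_mode & stat.S_IWGRP:
        problems.append("group-writable")
    if st.st_mode & stat.S_IWOTH:
        problems.append("world-writable")
    return problems


def audit_chain(target, trusted_uids=frozenset({0})):
    """Check the target directory and every ancestor, starting at /."""
    resolved = Path(target).resolve()  # follow symlinks such as /usr/sbin -> bin
    chain = list(reversed(resolved.parents)) + [resolved]
    return [(str(d), check_dir(d, trusted_uids)) for d in chain]


if __name__ == "__main__":
    # Default target is the directory named in the message's subject line.
    for target in sys.argv[1:] or ["/usr/sbin"]:
        for directory, problems in audit_chain(target):
            mode = stat.S_IMODE(os.stat(directory).st_mode)
            status = "; ".join(problems) if problems else "ok"
            print(f"{directory}  mode {mode:o}  {status}")
```

A directory owned by bin with mode 755, as in the subject line, is reported for its owner only; the write-bit checks catch the separate case of a root-owned directory with a looser mode.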