Date: Tue, 17 Nov 1998 07:44:03 +0100
From: Andre Albsmeier
To: Warner Losh, Andre Albsmeier
Cc: Matthew Dillon, freebsd-security@FreeBSD.ORG
Subject: Re: Would this make FreeBSD more secure?

On Mon, Nov 16, 1998 at 11:49:27AM -0700, Warner Losh wrote:
> In message <19981116125909.A28486@internal> Andre Albsmeier writes:
> : That is exactly my opinion. I think a program should run with the
> : minimum privileges it really needs to and not more.
>
> I still think that it is a lot of effort for just one or two
> programs. xlock and xlockmore (basically the same program) are the
> only two programs that I'm aware of that need to access the password
> file and not change the uid of the process. Where are the rest of the
> half dozen :-)...

Well, I didn't talk about half dozen but taking Matt's suggestions
we are close to it.

>
> Warner

-Andre