From owner-freebsd-hackers  Mon Feb 24 12:52:31 1997
Return-Path: <owner-hackers>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id MAA16955
          for hackers-outgoing; Mon, 24 Feb 1997 12:52:31 -0800 (PST)
Received: from time.cdrom.com (root@time.cdrom.com [204.216.27.226])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id MAA16950
          for <hackers@freebsd.org>; Mon, 24 Feb 1997 12:52:29 -0800 (PST)
Received: from time.cdrom.com (jkh@localhost [127.0.0.1]) by time.cdrom.com (8.8.5/8.6.9) with ESMTP id MAA01493; Mon, 24 Feb 1997 12:52:05 -0800 (PST)
To: Dave Andersen <angio@aros.net>
cc: Alex Belits <abelits@phobos.illtel.denver.co.us>, hackers@freebsd.org
Subject: Re: disallow setuid root shells? 
In-reply-to: Your message of "Mon, 24 Feb 1997 11:23:51 MST."
             <199702241823.LAA27302@fluffy.aros.net> 
Date: Mon, 24 Feb 1997 12:52:05 -0800
Message-ID: <1489.856817525@time.cdrom.com>
From: "Jordan K. Hubbard" <jkh@time.cdrom.com>
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>    I freely admit that most of these people will be using widely 
> published exploit code, and that almost any vigilant sysadmin won't
> be vulnerable to them -- but not everybody is anal about keeping their
> computer up to date and secure.  Forgive me for sounding political,
> but if even one or two computers are prevented from having a root
> compromise by this, it seems worthwhile - especially since nobody
> can think of anything it would actually hurt.

I sort of agree, if there's nothing it would break.  Most crackers
are stupid idiots who go from "cookbook" data which someone more
clued-in provided them with.  If it fails, they're hosed.

				Jordan