Date: Wed, 1 Aug 2001 17:10:47 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Brian Somers <brian@Awfulhak.org> Cc: Bart Matthaei <bart@xs4nobody.nl>, Nuno Teixeira <nuno.mailinglists@pt-quorum.com>, freebsd-security@FreeBSD.ORG, brian@freebsd-services.com Subject: Re: RELEASE 4.3 -> RELENG_4_3: SUCCESSFULLY but ... Message-ID: <20010801171046.A85330@xor.obsecurity.org> In-Reply-To: <200108020005.f7205A811423@hak.lan.Awfulhak.org>; from brian@Awfulhak.org on Thu, Aug 02, 2001 at 01:05:10AM %2B0100 References: <bart@xs4nobody.nl> <200108020005.f7205A811423@hak.lan.Awfulhak.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--4Ckj6UjgE2iN1+kY Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Aug 02, 2001 at 01:05:10AM +0100, Brian Somers wrote: > This just blows my mind. Not only because I can't see (for example) why= =20 > rsh has schg and rshd does not, but also because It makes no sense as a security measure. It makes more sense as an anti-foot-shooting measure, to prevent accidental removal of critical binaries which are needed to get the system up and minimally running (init, /kernel, etc). Of course, that argument only works for some on that list, and the rest should probably have the flag removed. Kris --4Ckj6UjgE2iN1+kY Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7aJqGWry0BWjoQKURAvS0AKCSRLvtlbUFdEIOzOgWwY61du1kbgCfSPkw mkovT2sV3CG5tnrUBmubvJI= =2gSX -----END PGP SIGNATURE----- --4Ckj6UjgE2iN1+kY-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010801171046.A85330>