From owner-cvs-gnu Sat Jun 22 14:12:35 1996 Return-Path: owner-cvs-gnu Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA09354 for cvs-gnu-outgoing; Sat, 22 Jun 1996 14:12:35 -0700 (PDT) Received: from sequent.kiae.su (sequent.kiae.su [144.206.136.6]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id OAA09339; Sat, 22 Jun 1996 14:12:14 -0700 (PDT) Received: by sequent.kiae.su id AA20680 (5.65.kiae-2 ); Sun, 23 Jun 1996 01:06:58 +0400 Received: by sequent.KIAE.su (UUMAIL/2.0); Sun, 23 Jun 96 01:06:57 +0400 Received: (from ache@localhost) by nagual.ru (8.7.5/8.7.3) id AAA00484; Sun, 23 Jun 1996 00:56:07 +0400 (MSD) Message-Id: <199606222056.AAA00484@nagual.ru> Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c To: wosch@cs.tu-berlin.de Date: Sun, 23 Jun 1996 00:56:06 +0400 (MSD) Cc: bde@zeta.org.au, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-gnu@freefall.freebsd.org In-Reply-To: <199606221839.UAA07135@campa.panke.de> from "Wolfram Schneider" at "Jun 22, 96 08:39:21 pm" From: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (Andrey A. Chernov) X-Class: Fast X-Mailer: ELM [version 2.4ME+ PL22 (25)] Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-cvs-gnu@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk [Charset ISO-8859-1 unsupported, filtering to ASCII...] > KOI8-R writes: > >> I thought the general consensus was a sgid man, not suid. > > > >I don't see how sgid man can be better than suid man now, > > Security, security, security. Principle of least privilege. sgid man decreases security in current variant, it is pretty clear. group > single user > >but I see > >that sgid man requires additional changes in the permissions > >and man utils. > > minor changes. [any word you like] changes is additional ones. > >I don't hear that it is general consensus too. > > Look into the mailing list archive. Just look and found only your idea of doing that. -- Andrey A. Chernov http://www.nagual.ru/~ache/