From owner-freebsd-hackers  Mon Feb 24 13:24:07 1997
Return-Path: <owner-hackers>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id NAA19648
          for hackers-outgoing; Mon, 24 Feb 1997 13:24:07 -0800 (PST)
Received: from rover.village.org (rover.village.org [204.144.255.49])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id NAA18823;
          Mon, 24 Feb 1997 13:16:37 -0800 (PST)
Received: from rover.village.org [127.0.0.1] 
	by rover.village.org with esmtp (Exim 0.56 #1)
	id E0vz7kq-00059M-00; Mon, 24 Feb 1997 14:16:12 -0700
To: Julian Elischer <julian@whistle.com>
Subject: Re: disallow setuid root shells? 
Cc: Adrian Chadd <adrian@obiwan.aceonline.com.au>,
        Jake Hamby <jehamby@lightside.com>, hackers@freebsd.org,
        auditors@freebsd.org
In-reply-to: Your message of "Mon, 24 Feb 1997 10:46:21 PST."
		<3311E1FD.167EB0E7@whistle.com> 
References: <3311E1FD.167EB0E7@whistle.com>  <Pine.BSF.3.95q.960108043026.5974A-100000@obiwan.aceonline.com.au> 
Date: Mon, 24 Feb 1997 14:16:12 -0700
From: Warner Losh <imp@village.org>
Message-Id: <E0vz7kq-00059M-00@rover.village.org>
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

In message <3311E1FD.167EB0E7@whistle.com> Julian Elischer writes:
: It's not a bad I dea but I'd vote against it..
: (however I MIGHT think about adding LOGGING of such an event? :)
: (in the same way that su logs.)

I think that I like this better.  There are many people that use a
setuid/setgid shell program to allow access to other programs on the
system.  At least this was true before sudo and friends.

Warner