From owner-freebsd-security  Sun Apr 19 07:54:57 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id HAA27385
          for freebsd-security-outgoing; Sun, 19 Apr 1998 07:54:57 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from indigo.ie (ts01-15.waterford.indigo.ie [194.125.139.78])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA27372
          for <freebsd-security@FreeBSD.ORG>; Sun, 19 Apr 1998 14:54:46 GMT
          (envelope-from rotel@indigo.ie)
Received: (from nsmart@localhost)
	by indigo.ie (8.8.8/8.8.7) id PAA00588;
	Sun, 19 Apr 1998 15:52:58 +0100 (IST)
	(envelope-from rotel@indigo.ie)
From: Niall Smart <rotel@indigo.ie>
Message-Id: <199804191452.PAA00588@indigo.ie>
Date: Sun, 19 Apr 1998 15:52:58 +0000
In-Reply-To: "Fernando P. Schapachnik" <fpscha@localhost.schapachnik.com.ar>
       "Re: suid/sgid programs" (Apr 19, 12:26am)
Reply-To: rotel@indigo.ie
X-Mailer: Mail User's Shell (7.2.6 beta(3) 11/17/96)
To: fpscha@schapachnik.com.ar, robert+freebsd@cyrus.watson.org
Subject: Re: suid/sgid programs
Cc: freebsd-security@FreeBSD.ORG
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk

On Apr 19, 12:26am, "Fernando P. Schapachnik" wrote:
} Subject: Re: suid/sgid programs
> En un mensaje anterior Robert Watson escribi˘:
> [...]
> > We note also that a fairly large chunk of suid/sgid programs are UUCP
> > programs -- something that a majority of FreeBSD users (I would guess?) do
> > not use.  In terms of reducing risk, disabling suid/sgid on these programs
> 
> Don't be so sure. FreeBSD boxes are an excellent choice for UUCP servers. 
> Actually I have a few running (and planning to install more).

I think the point he was making was that most users don't use UUCP, and
therefore we shouldn't be shipping UUCP related utilities with set[ug]id
bits.  Presumably if you can configure UUCP you can use chmod.

Niall

-- 
Niall Smart.        PGP: finger njs3@motmot.doc.ic.ac.uk
FreeBSD: Turning PC's into Workstations: www.freebsd.org
Annoy your enemies and astonish your friends:
echo "#define if(x) if (!(x))" >> /usr/include/stdio.h

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message