From owner-freebsd-security  Wed May 14 13:03:40 1997
Return-Path: <owner-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id NAA01242
          for security-outgoing; Wed, 14 May 1997 13:03:40 -0700 (PDT)
Received: from hydrogen.nike.efn.org (resnet.uoregon.edu [128.223.170.28])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id NAA01236
          for <security@FreeBSD.ORG>; Wed, 14 May 1997 13:03:36 -0700 (PDT)
Received: (from jmg@localhost)
	by hydrogen.nike.efn.org (8.8.5/8.8.5) id NAA18918;
	Wed, 14 May 1997 13:04:08 -0700 (PDT)
Message-ID: <19970514130407.00511@hydrogen.nike.efn.org>
Date: Wed, 14 May 1997 13:04:07 -0700
From: John-Mark Gurney <jmg@hydrogen.nike.efn.org>
To: bofh@terranova.net
Cc: Jonathan Mini <j_mini@efn.org>, security@FreeBSD.ORG
Subject: Re: /usr/sbin/wall is suid root.
References: <Pine.SUN.3.95.970513145202.9656A-100000@garcia.efn.org> <3379FE38.4F0@TerraNova.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.69
In-Reply-To: <3379FE38.4F0@TerraNova.net>; from Travis Mikalson on Wed, May 14, 1997 at 02:02:32PM -0400
Reply-To: John-Mark Gurney <gurney_j@resnet.uoregon.edu>
Organization: Cu Networking
X-Operating-System: FreeBSD 2.2.1-RELEASE i386
X-PGP-Fingerprint: B7 EC EF F8 AE ED A7 31  96 7A 22 B3 D8 56 36 F4
X-Files: The truth is out there
X-URL: http://resnet.uoregon.edu/~gurney_j/
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Travis Mikalson scribbled this message on May 14:
> Jonathan Mini wrote:
> > 
> >   Personally, I think that being able to transmit an abatrary string of
> > characters to every user's console on the system is a bit of a security
> > hole. ANSI keyboard reassignments come to mind.
> 
> On my system, running 2.2-STABLE, /usr/bin/wall is setgid tty..
> -r-xr-sr-x   1 bin      tty         12288 Apr 16 06:05 /usr/bin/wall
> 
> What version are you running where wall is in /usr/sbin and is setuid
> root?

well.. I think Mini didn't check close enough...  but stil... having it
sgid tty can have adverse side effects... like allowing people to write
to everyone... (REALLY anoying when you have around 8-15 logins.. :) )

I think we shouldn't install it sgid...  is ther any good reason to
have it sgid??

-- 
  John-Mark
  Cu Networking                             Modem/FAX: +1 541 683 6954

  Live in Peace, destroy Micro$oft, support free software, run FreeBSD