From owner-freebsd-arch Sat Sep 2 13: 0:43 2000 Delivered-To: freebsd-arch@freebsd.org Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101]) by hub.freebsd.org (Postfix) with ESMTP id 8EFB337B43F; Sat, 2 Sep 2000 13:00:40 -0700 (PDT) Received: (from dan@localhost) by dan.emsphone.com (8.9.3/8.9.3) id OAA07074; Sat, 2 Sep 2000 14:58:22 -0500 (CDT) (envelope-from dan) Date: Sat, 2 Sep 2000 14:58:22 -0500 From: Dan Nelson To: sthaug@nethelp.no Cc: phk@critter.freebsd.dk, n@nectar.com, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: Request for review: nsswitch Message-ID: <20000902145822.B28852@dan.emsphone.com> References: <41582.967924374@critter> <62717.967924513@verdi.nethelp.no> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline User-Agent: Mutt/1.3.8i In-Reply-To: <62717.967924513@verdi.nethelp.no>; from "sthaug@nethelp.no" on Sat Sep 2 21:55:13 GMT 2000 X-OS: FreeBSD 5.0-CURRENT Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In the last episode (Sep 02), sthaug@nethelp.no said: > > >As you can see, it is explicitly disabled for setuid programs. It works > > >for ssh as soon as you make ssh non-setuid (which I think is a good idea > > >in any case...) > > > > Why would ssh need to be setuid ? > > To be able to emulate rsh by using a port < 1024, I assume. It's > installed setuid by default in 4.1 - personally I think this is wrong > and should be changed. Rather, it's so it can read the host key, which is only readable by root. -- Dan Nelson dnelson@emsphone.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message