From owner-cvs-gnu Sat Jun 29 19:22:09 1996
Return-Path: owner-cvs-gnu
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id TAA04508 for cvs-gnu-outgoing; Sat, 29 Jun 1996 19:22:09 -0700 (PDT)
Received: from who.cdrom.com (who.cdrom.com [204.216.27.3]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id TAA03839; Sat, 29 Jun 1996 19:13:00 -0700 (PDT)
Received: from sc.ZIB-Berlin.DE (sc.ZIB-Berlin.DE [130.73.108.1]) by who.cdrom.com (8.6.12/8.6.11) with SMTP id MAA18227; Sat, 29 Jun 1996 12:50:14 -0700
Received: from softs11.ZIB-Berlin.DE by sc.ZIB-Berlin.DE (5.x/SMI-5.3-20.11.95) id AA17699; Sat, 29 Jun 1996 21:46:31 +0200
Received: (from wosch@localhost) by campa.panke.de (8.6.12/8.6.12) id VAA01445; Sat, 29 Jun 1996 21:36:30 +0200
Date: Sat, 29 Jun 1996 21:36:30 +0200
From: Wolfram Schneider
Message-Id: <199606291936.VAA01445@campa.panke.de>
To: Bruce Evans
Cc: ache@nagual.ru, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-gnu@freefall.freebsd.org
Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c
In-Reply-To: <199606221919.FAA09478@godzilla.zeta.org.au>
References: <199606221919.FAA09478@godzilla.zeta.org.au>
Reply-To: Wolfram Schneider
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Sender: owner-cvs-gnu@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Bruce Evans writes:
>>KOI8-R writes:
>>>> I thought the general consensus was a sgid man, not suid.
>>>I don't see how sgid man can be better than suid man now,
>>Security, security, security. Principle of least privilege.
>
>In that case, isn't suid man better? Group man would have to
>be able to access exactly the same things as user man does now,
>it's easier to make a mistake with a group by putting too many
>users in it.

We already have a group 'man'.

    grep ^man: /etc/group
    man:*:9:

This group is empty, like it should be. No human users need group man.
A user can start its own processes; a group cannot.
    $ printf ".PS\nsh X id X\n.PE\n" | pic
    .lf 1 -
    .lf 1
    uid=14201(wosch) gid=14201(wosch) groups=14201(wosch), 0(wheel), 5(operator), 117(dialer)
    .lf 4

Are you really sure that man(1) never starts shells with uid 'man'?

Wolfram
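The two checks the message relies on, the set-id bit on the man binary and the membership of group man, generalize into a small audit. The script below is an added example, not code from the original message or from FreeBSD; it takes constructed group-file text and an ls -l mode string as input so it runs offline, and the function and variable names (priv_mode, man_verdict, SAMPLE_GROUP) are this example's own. It also wraps the pic shell-escape probe from the message: note that GNU pic refuses the sh command unless started in unsafe mode (-U), so on a modern groff the probe has to pass that flag to reproduce what the message shows.

```shell
#!/bin/sh
# Added example (not from the original message): audit the privilege model
# of a man(1) binary in the terms of this thread. Inputs are passed in as
# strings so the checks run on constructed data rather than the live system.

# Print the comma-separated member list of group $2 from group-file text $1.
# An empty result means the group has no members, which is what the thread
# wants for group man.
group_members() {
    printf '%s\n' "$1" | awk -F: -v g="$2" '$1 == g { print $4 }'
}

# Classify an ls -l mode string as "suid", "sgid", "both" or "none".
# Column 4 is the owner-execute slot (s/S = setuid), column 7 the
# group-execute slot (s/S = setgid); capital S means set-id without execute.
priv_mode() {
    u=$(printf '%s' "$1" | cut -c4)
    g=$(printf '%s' "$1" | cut -c7)
    u_set=0; g_set=0
    case "$u" in [sS]) u_set=1 ;; esac
    case "$g" in [sS]) g_set=1 ;; esac
    case "$u_set$g_set" in
        11) echo both ;;
        10) echo suid ;;
        01) echo sgid ;;
        *)  echo none ;;
    esac
}

# Verdict: sgid man with an empty group man is the least-privilege setup.
# A suid man means any troff preprocessor escape (pic's sh command, as shown
# in the message) yields a process running as user man, not just with its
# group; a populated group man widens what egid man can reach.
man_verdict() {
    kind=$(priv_mode "$1")
    members=$(group_members "$2" man)
    case "$kind" in
        suid|both) echo "risky: suid man, shell escapes run as uid man" ;;
        sgid)
            if [ -n "$members" ]; then
                echo "warn: sgid man, but group man has members: $members"
            else
                echo "ok: sgid man with empty group man"
            fi ;;
        none) echo "ok: man carries no set-id bit" ;;
    esac
}

# Reproduce the probe from the message when pic is installed. GNU pic only
# honours sh in unsafe mode (-U); other pic implementations may reject the
# flag, which the fallback message reports. Output is informational only.
pic_probe() {
    command -v pic >/dev/null 2>&1 || { echo "pic not installed"; return 0; }
    printf '.PS\nsh X id X\n.PE\n' | pic -U 2>/dev/null || echo "pic rejected sh"
}

# Constructed sample group file (not real system data).
SAMPLE_GROUP='wheel:*:0:root,wosch
operator:*:5:root,wosch
man:*:9:'

# Usage: compare the two configurations argued about in the thread.
main_demo() {
    man_verdict '-rwsr-xr-x' "$SAMPLE_GROUP"
    man_verdict '-rwxr-sr-x' "$SAMPLE_GROUP"
}
```

Run main_demo to see the two verdicts side by side; on a real host, feed it `ls -l /usr/bin/man` and `cat /etc/group` instead of the constructed sample.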