Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 1 Dec 1998 19:50:28 +0100
From:      Eivind Eklund <eivind@yes.no>
To:        Matthew Dillon <dillon@apollo.backplane.com>, freebsd-current@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
Subject:   Re: kmem, tty, bind security enhancements commit.
Message-ID:  <19981201195028.A21015@follo.net>
In-Reply-To: <199812010551.VAA02953@apollo.backplane.com>; from Matthew Dillon on Mon, Nov 30, 1998 at 09:51:45PM -0800
References:  <199812010551.VAA02953@apollo.backplane.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Nov 30, 1998 at 09:51:45PM -0800, Matthew Dillon wrote:
>     Now that everyone is backfrom thanksgiving and 2.2.8 is out the
>     door, I'd like to commit the following changes to -current.  These
>     are as previously discussed and the changes have also been running
>     on most of BEST's machines for a couple of weeks now so I'd like
>     to commit them.
> 
>     I'd like someone to sign off on the concept.  Eivind?  Bruce?  Jordan?

[on running identd as kmem, ntalkd as tty, and bind as bind/bind]

Sounds good to me, as long as it does not require changes to existing
installations (which I couldn't see it needing from your description).  I'm
somewhat surprised at the getuid() test in ntalkd being there at all - it
seems like this should have been done with permissions instead of getuid(),
and shouldn't be needed anyway.  However, I don't have the SCCS repository
(yet), so I can't see why it was introduced - it has been there (in slightly
changing incarnation) since 4.4 lite.

Your user/group suggestion looks good - too bad operator is screwed up.

Eivind.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19981201195028.A21015>