From owner-freebsd-arch  Wed Apr 24 19:22:14 2002
Delivered-To: freebsd-arch@freebsd.org
Received: from dragon.nuxi.com (trang.nuxi.com [66.92.13.169])
	by hub.freebsd.org (Postfix) with ESMTP id ABC8737B41B
	for <freebsd-arch@freebsd.org>; Wed, 24 Apr 2002 19:22:02 -0700 (PDT)
Received: from dragon.nuxi.com (obrien@localhost [127.0.0.1])
	by dragon.nuxi.com (8.12.2/8.12.2) with ESMTP id g3P2IYYm047343;
	Wed, 24 Apr 2002 19:18:34 -0700 (PDT)
	(envelope-from obrien@dragon.nuxi.com)
Received: (from obrien@localhost)
	by dragon.nuxi.com (8.12.3/8.12.2/Submit) id g3P2HHL2047163;
	Wed, 24 Apr 2002 19:17:17 -0700 (PDT)
Date: Wed, 24 Apr 2002 19:17:17 -0700
From: "David O'Brien" <dev-null@NUXI.com>
To: Johan Karlsson <k@numeri.campus.luth.se>
Cc: freebsd-arch@freebsd.org
Subject: Re: NOSUID and NOSUID_prog make knobs
Message-ID: <20020424191717.A35128@dragon.nuxi.com>
Reply-To: freebsd-arch@freebsd.org
Mail-Followup-To: freebsd-arch@freebsd.org
References: <20020425035353.A73613@numeri.campus.luth.se>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20020425035353.A73613@numeri.campus.luth.se>; from k@numeri.campus.luth.se on Thu, Apr 25, 2002 at 03:53:53AM +0200
X-Operating-System: FreeBSD 5.0-CURRENT
Organization: The NUXI BSD group
X-Pgp-Rsa-Fingerprint: B7 4D 3E E9 11 39 5F A3  90 76 5D 69 58 D9 98 7A
X-Pgp-Rsa-Keyid: 1024/34F9F9D5
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-arch.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-arch>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-arch>
X-Loop: FreeBSD.ORG

On Thu, Apr 25, 2002 at 03:53:53AM +0200, Johan Karlsson wrote:
> Basicly it protects the BINMODE assignment in the Makefile with
> .if !defined(NOSUID) && !defined(NOSUID_prog)
... 
> +# To avoid installing various parts with the setuid/setgid bit turned on
> +#
> +#NOSUID=	true	# no setuid bit for any of the below

Either do them all, or none.  This flag per binary does not scale, nor do
I see any significant portion of our userbase utilizing the granularity.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message