Date: Mon, 10 Sep 2001 13:22:58 -0700 (PDT) From: Matt Dillon <dillon@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/usr.bin/tip/tip Makefile src/gnu/libexec/uucp/cu Makefile src/gnu/libexec/uucp/uucp Makefile src/gnu/libexec/uucp/uuname Makefile src/gnu/libexec/uucp/uustat Makefile src/gnu/libexec/uucp/uux Makefile Message-ID: <200109102022.f8AKMwJ38803@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
dillon 2001/09/10 13:22:57 PDT Modified files: (Branch: RELENG_4) usr.bin/tip/tip Makefile gnu/libexec/uucp/cu Makefile gnu/libexec/uucp/uucp Makefile gnu/libexec/uucp/uuname Makefile gnu/libexec/uucp/uustat Makefile gnu/libexec/uucp/uux Makefile Log: MFC. Non-root-owned binaries in standard system paths, whether suid or not, must be chflag'd 'schg' to prevent trojans when root-cron or root or other users run the programs. This works around a root trojan that exists for uucp binaries but does not address the other issue of config-file security in uucp. Approved by: jkh Revision Changes Path 1.10.6.2 +2 -1 src/usr.bin/tip/tip/Makefile 1.8.2.1 +2 -1 src/gnu/libexec/uucp/cu/Makefile 1.6.2.1 +2 -1 src/gnu/libexec/uucp/uucp/Makefile 1.5.2.1 +2 -2 src/gnu/libexec/uucp/uuname/Makefile 1.5.2.1 +2 -1 src/gnu/libexec/uucp/uustat/Makefile 1.6.2.1 +2 -1 src/gnu/libexec/uucp/uux/Makefile To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109102022.f8AKMwJ38803>