From owner-freebsd-security Sun Aug 29 19:17:51 1999 Delivered-To: freebsd-security@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 7AA7715061 for ; Sun, 29 Aug 1999 19:17:47 -0700 (PDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id UAA00603; Sun, 29 Aug 1999 20:17:15 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id UAA91030; Sun, 29 Aug 1999 20:19:11 -0600 (MDT) Message-Id: <199908300219.UAA91030@harmony.village.org> To: Bruce Evans Subject: Re: Not sure if you got it... Cc: dynamo@ime.net, security@FreeBSD.ORG In-reply-to: Your message of "Mon, 30 Aug 1999 12:15:18 +1000." <199908300215.MAA01056@godzilla.zeta.org.au> References: <199908300215.MAA01056@godzilla.zeta.org.au> Date: Sun, 29 Aug 1999 20:19:10 -0600 From: Warner Losh Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <199908300215.MAA01056@godzilla.zeta.org.au> Bruce Evans writes: : Clearing superuser flags is wrong. If they were set by root, then root : must want them. If they were set by an intruder then they would have : been fixed appropriately by the previous security pass :-). Is there a better way to turn off all the user flags then? Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message