Date: Tue, 22 Oct 1996 21:51:28 -0700 (PDT) From: "Marc G. Fournier" <scrappy> To: obrien@Nuxi.cs.ucdavis.edu, scrappy, freebsd-bugs Subject: Re: bin/1410 Message-ID: <199610230451.VAA05919@freefall.freebsd.org>
index | next in thread | raw e-mail
Synopsis: /usr/bin/login is suid, with little requirement for this State-Changed-From-To: open-feedback State-Changed-By: scrappy State-Changed-When: Tue Oct 22 21:47:39 PDT 1996 State-Changed-Why: This PR deals with changing the default install of login to be non-setuid... About the only reason that seems to exist for this is 'exec login <userid>' from a shell, and I personally share Bruce's reasoning for keeping it in there, as it allows testing of logins without having to hang up. The Originator talks about 'insecurity of setuid programs'...anyone know about security problems with login as a result of it being setuid?help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610230451.VAA05919>