Date: Tue, 22 Oct 1996 21:51:28 -0700 (PDT) From: "Marc G. Fournier" <scrappy> To: obrien@Nuxi.cs.ucdavis.edu, scrappy, freebsd-bugs Subject: Re: bin/1410 Message-ID: <199610230451.VAA05919@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
Synopsis: /usr/bin/login is suid, with little requirement for this State-Changed-From-To: open-feedback State-Changed-By: scrappy State-Changed-When: Tue Oct 22 21:47:39 PDT 1996 State-Changed-Why: This PR deals with changing the default install of login to be non-setuid... About the only reason that seems to exist for this is 'exec login <userid>' from a shell, and I personally share Bruce's reasoning for keeping it in there, as it allows testing of logins without having to hang up. The Originator talks about 'insecurity of setuid programs'...anyone know about security problems with login as a result of it being setuid?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610230451.VAA05919>