From owner-freebsd-hackers  Sat Jul 19 06:37:15 1997
Return-Path: <owner-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id GAA25831
          for hackers-outgoing; Sat, 19 Jul 1997 06:37:15 -0700 (PDT)
Received: from panda.hilink.com.au (panda.hilink.com.au [203.8.15.25])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id GAA25825
          for <hackers@FreeBSD.ORG>; Sat, 19 Jul 1997 06:37:11 -0700 (PDT)
Received: (from danny@localhost)
	by panda.hilink.com.au (8.8.5/8.8.5) id XAA06005;
	Sat, 19 Jul 1997 23:36:50 +1000 (EST)
Date: Sat, 19 Jul 1997 23:36:49 +1000 (EST)
From: "Daniel O'Callaghan" <danny@panda.hilink.com.au>
To: Wolfgang Helbig <helbig@MX.BA-Stuttgart.De>
cc: sthaug@nethelp.no, andreas@klemm.gtn.com, hackers@FreeBSD.ORG
Subject: Re: sendmail complains about being unable to write his pid file
In-Reply-To: <199707191241.OAA28753@helbig.informatik.ba-stuttgart.de>
Message-ID: <Pine.BSF.3.91.970719233540.869J-100000@panda.hilink.com.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk


On Sat, 19 Jul 1997, Wolfgang Helbig wrote:

> > Yes, but the question stands - why is it setup this way? What is gained
> > by having binaries (and important directories) owned by bin instead of
> > root?
> 
> More security? setuid / setgid will give you the powers of bin
> only, not of root.

If you gain access to bin, you can write a tojan 'ls', or other command 
likely to be run by root.

Danny