From owner-freebsd-security Sat Sep 8 18:21: 0 2001 Delivered-To: freebsd-security@freebsd.org Received: from cage.simianscience.com (cage.simianscience.com [64.7.134.1]) by hub.freebsd.org (Postfix) with ESMTP id B73AC37B40C; Sat, 8 Sep 2001 18:20:56 -0700 (PDT) Received: from chimp.sentex.net (fcage [192.168.0.2]) by cage.simianscience.com (8.11.6/8.11.6) with ESMTP id f891Kt908067; Sat, 8 Sep 2001 21:20:55 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <5.1.0.14.0.20010908211920.02949008@192.168.0.12> X-Sender: mdtancsa@192.168.0.12 X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Sat, 08 Sep 2001 21:20:53 -0400 To: Jordan Hubbard From: Mike Tancsa Subject: Re: Fwd: Multiple vendor 'Taylor UUCP' problems. Cc: security@FreeBSD.ORG In-Reply-To: <20010908181652H.jkh@freebsd.org> References: <200109082103.f88L3fK29117@earth.backplane.com> <5.1.0.14.0.20010908153417.0286b4b8@192.168.0.12> <200109082103.f88L3fK29117@earth.backplane.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 06:16 PM 9/8/2001 -0700, Jordan Hubbard wrote: >Hmmmm. Stripping the suid bit I can understand, but what's really >bought by making it immutable? I'm also truly loath to accept any >changes to -stable at this point which don't fix demonstrably critical >issues, so unless the security officers can cite evidence that this is >a significant security hole, I'm inclined to reject the change. >Thanks. A local root exploit doesnt cut it ? ---Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message