From owner-freebsd-hackers  Wed Jun  4 13:06:11 1997
Return-Path: <owner-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id NAA00774
          for hackers-outgoing; Wed, 4 Jun 1997 13:06:11 -0700 (PDT)
Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.19])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id NAA00752
          for <freebsd-hackers@FreeBSD.ORG>; Wed, 4 Jun 1997 13:06:06 -0700 (PDT)
Received: (from bde@localhost) by godzilla.zeta.org.au (8.8.5/8.6.9) id GAA15194; Thu, 5 Jun 1997 06:03:37 +1000
Date: Thu, 5 Jun 1997 06:03:37 +1000
From: Bruce Evans <bde@zeta.org.au>
Message-Id: <199706042003.GAA15194@godzilla.zeta.org.au>
To: freebsd-hackers@FreeBSD.ORG, joelh@gnu.ai.mit.edu
Subject: Re: tty_snoop: why check uid?
Sender: owner-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

>Why does the snp device check to make sure that the user invoking it
>is root, instead of letting the admin set the permissions on the
>device to whatever he feels appropriate?

I think it is because system-supported security holes should be as
small as possible.

Bruce