From owner-freebsd-hackers Wed Jan 17 17: 8:31 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from dayspring.firedrake.org (dayspring.firedrake.org [195.82.105.251]) by hub.freebsd.org (Postfix) with ESMTP id 9A07337B6A5 for ; Wed, 17 Jan 2001 17:08:13 -0800 (PST) Received: from float by dayspring.firedrake.org with local (Exim 3.12 #1 (Debian)) id 14J3Y7-0006IN-00; Thu, 18 Jan 2001 01:07:35 +0000 Date: Thu, 18 Jan 2001 01:07:35 +0000 To: David Malone Cc: Peter Pentchev , mbac@mmap.nyct.net, hackers@FreeBSD.org Subject: Re: Permissions on crontab.. Message-ID: <20010118010735.A21964@firedrake.org> References: <20010117123740.Q364@ringworld.oblivion.bg> <200101171045.aa30069@salmon.maths.tcd.ie> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200101171045.aa30069@salmon.maths.tcd.ie>; from dwmalone@maths.tcd.ie on Wed, Jan 17, 2001 at 10:45:57AM +0000 From: void Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, Jan 17, 2001 at 10:45:57AM +0000, David Malone wrote: > > True - but I'd say it provides a false sense of security, which > might be more damaging than the extra security provided against > read-only exploits in crontab. That's silly. Group tty can be leveraged to provide more privilege, but that doesn't mean write(1) should be setuid root, or that having write(1) setgid tty provides a false sense of security. I think that the proposed change would be a good idea, and that it's consistent with write(1) and other uses of setgid. -- Ben 220 go.ahead.make.my.day ESMTP Postfix To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message