From owner-freebsd-security  Sat Apr  1 11:18:11 1995
Return-Path: security-owner
Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id LAA25290 for security-outgoing; Sat, 1 Apr 1995 11:18:11 -0800
Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.34]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id LAA25265 for <security@FreeBSD.org>; Sat, 1 Apr 1995 11:17:58 -0800
Received: (from bde@localhost) by godzilla.zeta.org.au (8.6.9/8.6.9) id FAA18492; Sun, 2 Apr 1995 05:15:53 +1000
Date: Sun, 2 Apr 1995 05:15:53 +1000
From: Bruce Evans <bde@zeta.org.au>
Message-Id: <199504011915.FAA18492@godzilla.zeta.org.au>
To: pst@Shockwave.COM, security@FreeBSD.org
Subject: Re: root owning everything
Sender: security-owner@FreeBSD.org
Precedence: bulk

>Except for setuid files, the majority of files in / and /usr should be owned
>by root, not bin,  so that I can't nfsmount a volume read-write and su to
>bin and have a party.

>An alternative would be to map uid bin to nobody the same way root is done.

I don't like files owned by root.  They force me to run as root too much.

The CSRG Makefiles seem to have the same policy as we have (almost
everything owned by bin).  How is this problem traditionally handled?

Bruce