Date: Sun, 19 Aug 2001 14:11:02 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Eugene Grosbein <eugen@grosbein.pp.ru> Cc: David Malone <dwmalone@maths.tcd.ie>, stable@FreeBSD.ORG Subject: Re: 4.4-RC: is keyinfo(1) broken? Message-ID: <20010819141102.A71079@xor.obsecurity.org> In-Reply-To: <20010819191939.B508@grosbein.pp.ru>; from eugen@grosbein.pp.ru on Sun, Aug 19, 2001 at 07:19:39PM %2B0800 References: <20010818002451.A787@grosbein.pp.ru> <20010818110101.A81000@walton.maths.tcd.ie> <20010819191939.B508@grosbein.pp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
--82I3+IH0IqGh5yIs Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Aug 19, 2001 at 07:19:39PM +0800, Eugene Grosbein wrote: > On Sat, Aug 18, 2001 at 11:01:01AM +0100, David Malone wrote: >=20 > > > I did not use s/key before and cannot say if it behaves so for long t= ime. > > > But it works for 3.5-STABLE and does not work for 4.2-RELEASE, too. > > Suidperl is no longer suid by default. You could either rebuild > > with > > ENABLE_SUIDPERL=3D true > > in your /etc/make.conf or try "chmod u+s /usr/bin/suidperl". >=20 > I see, thank you. But man page for keyinfo(1) does not say so :) > Well, are there any security issues with suidperl in 4.4-RC now? > I think they are because suidperl is not suid by default. None that are known, but it was disabled in response to security issues at the time, and as a precaution because it was believed that nothing in the base system used it. The keyinfo manpage should be updated if this is untrue. Kris --82I3+IH0IqGh5yIs Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7gCtlWry0BWjoQKURAi/4AKCfTbJ688jHdZ/UJTirgUiIcWhbewCgkpgI DvHce3j5kkkwcdDhKK2YEjo= =huFI -----END PGP SIGNATURE----- --82I3+IH0IqGh5yIs-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010819141102.A71079>