From owner-freebsd-security  Fri May 17 12:49:57 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id MAA13305
          for security-outgoing; Fri, 17 May 1996 12:49:57 -0700 (PDT)
Received: from ptavv.nsta.org (ptavv.gfoster.com [199.0.2.254])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id MAA13286;
          Fri, 17 May 1996 12:49:46 -0700 (PDT)
Received: (from gfoster@localhost) by ptavv.nsta.org (8.7.5/8.6.12) id PAA00619; Fri, 17 May 1996 15:48:25 -0400 (EDT)
Date: Fri, 17 May 1996 15:48:25 -0400 (EDT)
From: Glen Foster <gfoster@gfoster.com>
Message-Id: <199605171948.PAA00619@ptavv.nsta.org>
To: pst@shockwave.com
CC: jkh@time.cdrom.com, davidg@Root.COM, jkh@freefall.freebsd.org,
        committers@freefall.freebsd.org, security@FreeBSD.org
In-reply-to: <199605171749.KAA00487@precipice.shockwave.com> (message from Paul Traina on Fri, 17 May 1996 10:49:43 -0700)
Subject: Re: cvs commit: src/sbin Makefile
Sender: owner-security@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

How about rather than changing the Makefile to not install suid, the
full path of modload be referenced in the source.  Preserves the suid
functionality and defeats the symlink attack.
---
Glen Foster <gfoster@gfoster.com>