From owner-freebsd-security  Wed Mar  8  1:29:16 2000
Delivered-To: freebsd-security@freebsd.org
Received: from m3.cs.berkeley.edu (m3.CS.Berkeley.EDU [128.32.45.179])
	by hub.freebsd.org (Postfix) with ESMTP
	id 275F037B5DF; Wed,  8 Mar 2000 01:29:12 -0800 (PST)
	(envelope-from asami@stampede.cs.berkeley.edu)
Received: from silvia.hip.berkeley.edu (sji-ca1-183.ix.netcom.com [209.109.232.183])
	by m3.cs.berkeley.edu (8.9.3/8.9.3) with ESMTP id BAA73586;
	Wed, 8 Mar 2000 01:28:41 -0800 (PST)
	(envelope-from asami@stampede.cs.berkeley.edu)
Received: (from asami@localhost) by silvia.hip.berkeley.edu (8.9.3/8.6.9) id BAA53881; Wed, 8 Mar 2000 01:27:32 -0800 (PST)
To: Kris Kennaway <kris@hub.freebsd.org>
Cc: security@freebsd.org, ports@freebsd.org
Subject: Re: cvs commit: ports/games/omega Makefile (fwd)
References: <Pine.BSF.4.21.0003080057080.78831-100000@hub.freebsd.org>
From: asami@freebsd.org (Satoshi - Ports Wraith - Asami)
Date: 08 Mar 2000 01:26:49 -0800
In-Reply-To: Kris Kennaway's message of "Wed, 8 Mar 2000 01:04:01 -0800 (PST)"
Message-ID: <vqcaek9izhi.fsf@silvia.hip.berkeley.edu>
Lines: 11
X-Mailer: Gnus v5.7/Emacs 20.5
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

 * From: Kris Kennaway <kris@hub.freebsd.org>

 * It wouldn't help: if the binary is setuid games but not owner-writable,
 * the games user can still change permissions and replace it (or any other
 * games-owned binary) because he owns the file. Using setgid instead of
 * setuid solves this, as long as no binaries are games _group_ writable (on
 * my machine nothing except for save files is).

You're right, of course.  Yes, setuid games are bad!

Satoshi


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message