From owner-freebsd-security  Sat Nov  2 16:07:57 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id QAA05366
          for security-outgoing; Sat, 2 Nov 1996 16:07:57 -0800 (PST)
Received: from jli.com (jli.com [199.2.111.1])
          by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id QAA05347
          for <freebsd-security@FreeBSD.org>; Sat, 2 Nov 1996 16:07:37 -0800 (PST)
Received: from cumulus by jli.com with uucp
	(Smail3.1.29.1 #3) id m0vJq5g-0001bOC; Sat, 2 Nov 96 16:07 PST
Message-Id: <m0vJq54-00004qC@cloud.rain.com>
To: freebsd-security@FreeBSD.org
Subject: Re: rwhod buffer overflow bug 
References: <199611010907.KAA26376@spooky.lss.cp.philips.com> 
In-reply-to: Your message of Fri, 01 Nov 1996 10:07:16 +0100.
             <199611010907.KAA26376@spooky.lss.cp.philips.com> 
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <6127.846979585.1@cloud.rain.com>
Date: Sat, 02 Nov 1996 16:06:25 -0800
From: Bill Trost <trost@cloud.rain.com>
Sender: owner-security@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

I may have asked this question before, but:  Why not make rwhod
setuid() itself down once it has its sockets and /dev/kmem open?
/var/rwho would have to be writable by that user, but otherwise
the running rwho would have few privileges with which to do any
real damage to the system.