From owner-freebsd-hackers Thu May 15 07:55:00 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id HAA21947 for hackers-outgoing; Thu, 15 May 1997 07:55:00 -0700 (PDT) Received: from obiwan.psinet.net.au (obiwan.psinet.net.au [203.19.28.59]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id HAA21941 for ; Thu, 15 May 1997 07:54:56 -0700 (PDT) Received: from localhost (adrian@localhost) by obiwan.psinet.net.au (8.8.5/8.8.5) with SMTP id WAA10470; Thu, 15 May 1997 22:36:30 +0800 (WST) Date: Thu, 15 May 1997 22:36:30 +0800 (WST) From: Adrian Chadd To: Michael Smith cc: Amancio Hasty , freebsd-hackers@FreeBSD.ORG Subject: Re: project: editor In-Reply-To: <199705130207.LAA12389@genesis.atrad.adelaide.edu.au> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Tue, 13 May 1997, Michael Smith wrote: > I think that Tcl 8.0 is in the same state as Perl 5 - waiting for the > final release. I can't see any serious value in going to 7.6 given that > it would be outdated so quickly. *nod* Thats why I noticed even in light of the recent security problems with suidperl in v4.x and 5 up until the "latest" (i forget which one, I don't use suidperl anyway), -current (someone wanna check releng , etc?) at least STILL builds setuid perl. ... root@obiwan:/usr/src/gnu/usr.bin/perl/sperl# cat Makefile [snip] BINOWN= root BINMODE=4111 [snip] I have this little file called "unixholes".. FreeBSD has "suidperl == chmod 000 /usr/bin/suidperl) as the first entry. :) I *could* be wrong, but if I'm not could someone please at least look at disabling setuid perl until the latest 5.00x version enters the source tree? I love telling people how "secure" FreeBSD is .. then this comes along. :-) Cya, Adrian.