From owner-freebsd-security Tue Jan 23 00:49:46 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id AAA16005 for security-outgoing; Tue, 23 Jan 1996 00:49:46 -0800 (PST)
Received: from ibp.ibp.fr (ibp.ibp.fr [132.227.60.30]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id AAA15779 for ; Tue, 23 Jan 1996 00:45:44 -0800 (PST)
Received: from blaise.ibp.fr (blaise.ibp.fr [132.227.60.1]) by ibp.ibp.fr (8.6.12/jtpda-5.0) with ESMTP id JAA10249 ; Tue, 23 Jan 1996 09:44:31 +0100
Received: from (uucp@localhost) by blaise.ibp.fr (8.6.12/jtpda-5.0) with UUCP id JAA17646 ; Tue, 23 Jan 1996 09:44:31 +0100
Received: (from roberto@localhost) by keltia.freenix.fr (8.7.3/keltia-uucp-2.7) id JAA06930; Tue, 23 Jan 1996 09:42:35 +0100 (MET)
From: Ollivier Robert
Message-Id: <199601230842.JAA06930@keltia.freenix.fr>
Subject: Re: Ownership of files/tcp_wrappers port
To: nlawson@statler.csc.calpoly.edu (Nathan Lawson)
Date: Tue, 23 Jan 1996 09:42:35 +0100 (MET)
Cc: security@FreeBSD.org
In-Reply-To: <199601222147.NAA09887@statler.csc.calpoly.edu> from "Nathan Lawson" at Jan 22, 96 01:47:40 pm
X-Operating-System: FreeBSD 2.2-CURRENT ctm#1586
X-Mailer: ELM [version 2.4ME+ PL0 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-security@FreeBSD.org
Precedence: bulk

It seems that Nathan Lawson said:
> First, I don't mean to beat a dead horse, but I think this issue has never
> been adequately considered: less "bin" ownership of files and directories.
> The advantages of more root-owned directories and files are that root is

I already tried to change the ownership long ago, even with a patch but I was told it was the traditional BSD way so I changed it on my box.

Another reason is that it is usually more difficult to break into root than into another user so ownership by root should prevent most modifications of the system binaries.

> Secondly, I was wondering why the tcp_wrappers distribution didn't make it
> into the source tree instead of being a port. It's a pretty small program
> that hasn't received too many changes recently. It's very worthwhile and
> libwrap.a can be linked into portmap and ypserv a lot more easily (even
> making this the default, perhaps).

That would be nice too. Many Linux dists ship the system with TCP_Wrapper installed.

--
Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.frmug.fr.net
FreeBSD keltia.freenix.fr 2.2-CURRENT #1: Sun Jan 14 20:23:45 MET 1996
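
The ownership question discussed in this message can be checked on a running system. The following is an added example, not part of the original message: a shell function that lists everything under a directory that an account other than the expected owner could modify. The function name `audit_owner` and its arguments are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original message).
# audit_owner DIR [OWNER]
#   DIR   - directory tree to inspect, e.g. /bin or /usr/sbin
#   OWNER - account expected to own every entry (name or numeric uid),
#           defaults to root
# Prints each entry that is not owned by OWNER, or that is group- or
# world-writable. Directories are reported as well as files: whoever can
# write to a directory can replace the binaries inside it, whatever the
# ownership of the binaries themselves.
audit_owner() {
    dir=$1
    owner=${2:-root}
    # Symlinks are skipped because their own mode bits carry no meaning.
    find "$dir" ! -type l \
        \( ! -user "$owner" -o -perm -020 -o -perm -002 \) -print
}

# When run as a script, audit every directory named on the command line,
# for example: sh audit_owner.sh /bin /sbin /usr/bin /usr/sbin
if [ $# -gt 0 ]; then
    for d in "$@"; do
        audit_owner "$d"
    done
fi
```

An empty listing means only the expected owner can change the tree; on a system using the traditional layout, every `bin`-owned entry shows up in the output.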