From owner-freebsd-security  Tue Jun  1 23:54:58 1999
Delivered-To: freebsd-security@freebsd.org
Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.40.131])
	by hub.freebsd.org (Postfix) with ESMTP
	id 662181522D; Tue,  1 Jun 1999 23:54:52 -0700 (PDT)
	(envelope-from phk@critter.freebsd.dk)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
	by critter.freebsd.dk (8.9.3/8.9.2) with ESMTP id IAA24213;
	Wed, 2 Jun 1999 08:54:36 +0200 (CEST)
	(envelope-from phk@critter.freebsd.dk)
To: adrian@FreeBSD.ORG
Cc: Andrew Kenneth Milton <akm@mail.theinternet.com.au>,
	freebsd-security@FreeBSD.ORG
Subject: Re: Shell Account system 
In-reply-to: Your message of "Wed, 02 Jun 1999 13:47:23 +0800."
             <19990602054724.12309.qmail@ewok.creative.net.au> 
Date: Wed, 02 Jun 1999 08:54:36 +0200
Message-ID: <24211.928306476@critter.freebsd.dk>
From: Poul-Henning Kamp <phk@critter.freebsd.dk>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In message <19990602054724.12309.qmail@ewok.creative.net.au>, adrian@FreeBSD.OR

>The worst thing in the world you can ever do is allow users to compile/run
>their own binaries. If a user wants something installed, then I'll damn
>well compile it and install it for *all* to use.

Go into the kernel, modify it so only suser() can set a execute bit.

--
Poul-Henning Kamp             FreeBSD coreteam member
phk@FreeBSD.ORG               "Real hackers run -current on their laptop."
FreeBSD -- It will take a long time before progress goes too far!


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message