Date: Tue, 15 Oct 1996 09:39:22 +0100 (MET) From: Luigi Rizzo <luigi@labinfo.iet.unipi.it> To: bde@zeta.org.au (Bruce Evans) Cc: freebsd-hackers@FreeBSD.ORG, j@uriah.heep.sax.de Subject: Re: /sbin/init permission Message-ID: <199610150839.JAA00416@labinfo.iet.unipi.it> In-Reply-To: <199610150611.QAA29647@godzilla.zeta.org.au> from "Bruce Evans" at Oct 15, 96 04:11:34 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> >> And, back to the original question: any objection in changing > >> /sbin/init permissions to 0555 ? > > > >I hesitate to decide this without any further opinions... > > Complete set of standard executables with annoying permissions in > -current: > > -r-x------ 1 bin bin 20480 Oct 2 04:24 /sbin/init > -r-sr-x--- 1 root operator 12288 Oct 2 04:26 /sbin/shutdown > ---s--x--x 2 root bin 286720 Oct 2 04:19 /usr/bin/sperl4.036 > ---s--x--x 2 root bin 286720 Oct 2 04:19 /usr/bin/suidperl > -r-sr-x--- 1 uucp uucp 90112 Oct 2 04:09 /usr/libexec/uucp/uuxqt > -r-x------ 1 bin bin 12288 Oct 2 04:42 /usr/sbin/watch > > The missing permissions for `watch' make it unusable by root if /usr > is nfs-mounted without maproot=0. for suid applications there is a reason for being restrictive. For others, there is not (or at least, this is site-dependant). Luigi ==================================================================== Luigi Rizzo Dip. di Ingegneria dell'Informazione email: luigi@iet.unipi.it Universita' di Pisa tel: +39-50-568533 via Diotisalvi 2, 56126 PISA (Italy) fax: +39-50-568522 http://www.iet.unipi.it/~luigi/ ====================================================================
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610150839.JAA00416>