Date: Fri, 11 Aug 2000 21:09:38 +0200 (SAT) From: John Hay <jhay@icomtek.co.za> To: mark@grondar.za (Mark Murray) Cc: chris@netmonger.net (Christopher Masto), imp@FreeBSD.org (Warner Losh), cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/gnu/usr.bin/perl Makefile Message-ID: <200008111909.e7BJ9cU57765@zibbi.mikom.csir.co.za> In-Reply-To: <200008111831.UAA14139@grimreaper.grondar.za> from Mark Murray at "Aug 11, 2000 08:31:20 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> > > Don't build suidperl by default. Make users specifically enable its > > > building. > > > > Umm.. isn't that a bit of a radical change? Any reason for it? > > Yes; SUID-anything is a potential hole. Perl may be a good tool, > and folks who need it can get it, but for the rank-and file, > disabling this is good. But to require one to get the source just because you need suidperl is a bit extreme, I think. What about installing it without the suid bit and if you guys feel generous add an easy way to get the suid bit set. Or what about a sysinstall option? Or maybe make it a port/package? If we really want to be this paranoid, we should think about removing all other suid programs from a standard build too. John -- John Hay -- John.Hay@icomtek.csir.co.za To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200008111909.e7BJ9cU57765>