From owner-freebsd-arch Wed Jan 16 9:23:48 2002 Delivered-To: freebsd-arch@freebsd.org Received: from sax.sax.de (sax.sax.de [193.175.26.33]) by hub.freebsd.org (Postfix) with ESMTP id 9175837B41A; Wed, 16 Jan 2002 09:23:39 -0800 (PST) Received: (from uucp@localhost) by sax.sax.de (8.9.3/8.9.3) with UUCP id SAA04804; Wed, 16 Jan 2002 18:23:38 +0100 (CET) Received: (from j@localhost) by uriah.heep.sax.de (8.11.6/8.11.6) id g0GHGPm00972; Wed, 16 Jan 2002 18:16:25 +0100 (MET) (envelope-from j) Date: Wed, 16 Jan 2002 18:16:25 +0100 From: Joerg Wunsch To: Ruslan Ermilov Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org, arch@FreeBSD.org Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c src/etc/mtree BSD.local.dist BSD.usr.dist BSD.x11-4.dist BSD.x11.dist Message-ID: <20020116181625.B757@uriah.heep.sax.de> Reply-To: Joerg Wunsch Mail-Followup-To: Joerg Wunsch , Ruslan Ermilov , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org, arch@FreeBSD.org References: <20020116132917.K78030@wantadilla.lemis.com> <20020116154210.A74132@uriah.heep.sax.de> <20020116174352.C13904@sunbay.com> <20020116171144.C18043@uriah.heep.sax.de> <20020116183712.G13904@sunbay.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20020116183712.G13904@sunbay.com>; from ru@FreeBSD.org on Wed, Jan 16, 2002 at 06:37:12PM +0200 X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG As Ruslan Ermilov wrote: > > ...until the next "make installworld". That's why i'm asking for > > a knob in /etc/make.conf. setuidperl can get its suid bit `sticky' > > by the same way. > > > Hmm, can't you live with a custom gnu/usr.bin/man/man/Makefile? :-) Not really. (OK, i see the smiley. ;-) > Not user "man", but the contents of the system manpages. Try this: > > ln -s /usr/bin/true /tmp/troff > rm /usr/share/man/cat1/cat.1* > /usr/bin/env GROFF_BIN_PATH=/tmp man 1 cat OK, someone can cause garbage to go into my cat page. He could pretend that the options "-r" and "-f" to rm(1) would be something harmless :). Well, i'd like to see two things: . Variables like FOO_BIN_PATH need to be ignored when running with raised prvileges, no question asked. We used to ignore LD_LIBRARY_PATH for the same reason. I hope this is something that is fixable. . Then turn off the setuid bit, but offer the option to re-enable it for those who value the feature more than the risk, much in the same sense as we do for suidperl (which i still think is a lot less risky than someone (like me :) writing a buggy setuid wrapper in C). -- cheers, J"org .-.-. --... ...-- -.. . DL8DTL http://www.sax.de/~joerg/ NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message