From owner-cvs-all Wed Jan 16 8:20:21 2002 Delivered-To: cvs-all@freebsd.org Received: from sax.sax.de (sax.sax.de [193.175.26.33]) by hub.freebsd.org (Postfix) with ESMTP id 839C137B404; Wed, 16 Jan 2002 08:20:07 -0800 (PST) Received: (from uucp@localhost) by sax.sax.de (8.9.3/8.9.3) with UUCP id RAA03970; Wed, 16 Jan 2002 17:20:06 +0100 (CET) Received: (from j@localhost) by uriah.heep.sax.de (8.11.6/8.11.6) id g0GGBjI08971; Wed, 16 Jan 2002 17:11:45 +0100 (MET) (envelope-from j) Date: Wed, 16 Jan 2002 17:11:44 +0100 From: Joerg Wunsch To: Ruslan Ermilov Cc: Robert Watson , Greg Lehey , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c src/etc/mtree BSD.local.dist BSD.usr.dist BSD.x11-4.dist BSD.x11.dist Message-ID: <20020116171144.C18043@uriah.heep.sax.de> Reply-To: Joerg Wunsch Mail-Followup-To: Joerg Wunsch , Ruslan Ermilov , Robert Watson , Greg Lehey , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org References: <20020116132917.K78030@wantadilla.lemis.com> <20020116154210.A74132@uriah.heep.sax.de> <20020116174352.C13904@sunbay.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20020116174352.C13904@sunbay.com>; from ru@FreeBSD.org on Wed, Jan 16, 2002 at 05:43:52PM +0200 X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG As Ruslan Ermilov wrote: > All you need to do is to change the ownership on catpages holding > directories back to ``man'', and install man(1) setuid ``man''. ...until the next "make installworld". That's why i'm asking for a knob in /etc/make.conf. setuidperl can get its suid bit `sticky' by the same way. > But because it was proven to be insecure in many ways (the most > important leak is a customized environment), I don't like the idea > of even putting the required knobs back to src/. But all that can be compromised is user "man", isn't it? I don't care much about this. Get me right, it's OK by me to put a big warning above that knob into /etc/defaults/make.conf. But for sites less concerned about security (like my home computer), compromising the "man" account by the only other user on my machine (that's my wife :) isn't anything i would care much about. Even though the machine is pretty fast, i prefer the cached catpages for efficiency. (setuid root binaries are a totally different matter, since they might always serve as a target by a potential intruder. But i don't think such an intruder would gain much by breaking a setuid man man(1), and then replace all my catpages. ;-) > > I hope man(1) > > is smart enough to handle that situation, and would reformat > > the more recent man source instead of displaying the stale > > catpage then. > Yes, man(1) handles this. OK, fine. > Also, catman(1) doesn't re-catman > the entire tree by default: I know, this was one of Wolfram's design goals when he rewrote it. ;-) -- cheers, J"org .-.-. --... ...-- -.. . DL8DTL http://www.sax.de/~joerg/ NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message