Date: Tue, 16 Jul 1996 11:04:23 -0400 (EDT) From: Dev Chanchani <dev@trifecta.com> To: Brian Tao <taob@io.org> Cc: Poul-Henning Kamp <phk@FreeBSD.ORG>, FREEBSD-SECURITY-L <freebsd-security@FreeBSD.ORG> Subject: Re: suidness of /usr/bin/login Message-ID: <Pine.BSF.3.91.960716110258.20833A-100000@www.trifecta.com> In-Reply-To: <Pine.NEB.3.92.960715223420.8904G-100000@zap.io.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 15 Jul 1996, Brian Tao wrote: > Does /usr/bin/login need to be setuid root? Since it is normally > only called by telnetd (which already runs as root), does it have to > be setuid root as well? What else uses it? xterm (which itself is > also setuid root)? k /usr/bin/login only needs to be suid root for people to "re-login" so their uid can be set. If the only users on your system that need to su are in the wheel group, you can take the suid bit of /usr/bin/login. xterm does not need to be suid if users do not run xwindows. Dev Chanchani <dev@trifecta.com> http://www.interactive.trifecta.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.960716110258.20833A-100000>