Date: Tue, 16 Jul 1996 18:30:54 -0700 (PDT) From: "David E. O'Brien" <obrien@Nuxi.cs.ucdavis.edu> To: freebsd-security@freebsd.org Subject: Re: suidness of /usr/bin/login Message-ID: <199607170130.SAA20049@relay.nuxi.com> In-Reply-To: <199607161600.QAA27336@gatekeeper.fsl.noaa.gov> from "Sean Kelly" at Jul 16, 96 10:00:55 am
next in thread | previous in thread | raw e-mail | index | archive | help
> Brian> Other than that, there is no real need for it to be > Brian> setuid root (since telnetd and getty are both already > Brian> running as root). I guess this would put it under "setuid > Brian> root subject to local policy". > > Exactly. It's not a terribly useful feature anyway and of all whom I > know are even aware of it, none make use of it. You can always log > out and back in! Not even very useful in Solaris 2.5 running X if you remember you can do this. So why keep it around??? How about a proposal to NOT make login suid in FBSD releases? kongur:~> login login: obrien Password: No utmpx entry. You must exec "login" from the lowest level "shell". kongur:~> -- David (obrien@cs.ucdavis.edu)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199607170130.SAA20049>