From owner-freebsd-ports Fri Oct 19 10: 8:36 2001 Delivered-To: freebsd-ports@freebsd.org Received: from squall.waterspout.com (squall.waterspout.com [208.13.56.12]) by hub.freebsd.org (Postfix) with ESMTP id 4EAFD37B40A; Fri, 19 Oct 2001 10:08:33 -0700 (PDT) Received: by squall.waterspout.com (Postfix, from userid 1050) id 9D7039B75; Fri, 19 Oct 2001 12:07:41 -0500 (EST) Date: Fri, 19 Oct 2001 12:07:41 -0500 From: Will Andrews To: security@FreeBSD.org, ports@FreeBSD.org, kde@FreeBSD.org Subject: KCheckPass -- make it setuid root or not? Message-ID: <20011019120741.U25747@squall.waterspout.com> Reply-To: Will Andrews Mail-Followup-To: security@FreeBSD.org, ports@FreeBSD.org, kde@FreeBSD.org References: <20011019120706.T25747@squall.waterspout.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20011019120706.T25747@squall.waterspout.com> User-Agent: Mutt/1.3.22.1i Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Oct 19, 2001 at 12:07:06PM -0500, Will Andrews wrote: > OK, so I keep getting mail every now and then from people who > can't figure out why kcheckpass / kscreensaver won't authenticate > their password(s). It's because I decided to play it safe and > made kcheckpass non setuid root, which it needs in order to call > getpwnam(). > > But now I'm tired of getting these emails from people who don't > notice the message that kdebase spouts about it. I want to know > if people think it's a safe "risk" to give kcheckpass setuid root > privileges so it Just Works(tm) when people try KDE. Erm, sorry about the lack of a subject... -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message