Date: Wed, 16 Jan 2002 17:59:58 +0000
From: Brian Somers <brian@freebsd-services.com>
To: Murray Stokely <murray@FreeBSD.org>
Cc: freebsd-qa@FreeBSD.org, Ruslan Ermilov <ru@FreeBSD.org>, Brian Somers <brian@freebsd-services.com>
Subject: Re: Changes to man(1)
Message-ID: <200201161759.g0GHxwL81019@hak.lan.Awfulhak.org>
In-Reply-To: Message from Murray Stokely <murray@FreeBSD.ORG> of "Tue, 15 Jan 2002 15:40:38 PST." <20020115234038.GR6073@windriver.com>

> The release engineers would really like to see Ruslan's latest
> changes to man(1) in FreeBSD 4.5. This change closes a number of
> potential security holes that could allow privilege escalation.
> Please help us look over the recent commit to -CURRENT before we allow
> this to be MFCed. Here are the relevant commits from Ruslan :

I don't think this is -stable material (it changes system behaviour).
I also think that putting something this size into the system at this
point in the release cycle should at least warrant another RC.

I also don't like this new (well, old) mechanism. Instead, I think
man(1) should be fixed so that as soon as any of the default things
like macro packages and man directories are altered, it drops all
privileges.

Is there a problem with doing it that way instead ?

> Thanks,
> - Murray

--
Brian <brian@freebsd-services.com> <brian@Awfulhak.org>
http://www.freebsd-services.com/ <brian@[uk.]FreeBSD.org>
Don't _EVER_ lose your sense of humour ! <brian@[uk.]OpenBSD.org>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-qa" in the body of the message
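
A sketch of the alternative proposed in the message above (drop all privileges as soon as a default is overridden), added here as an example; it is not part of the original e-mail and is not FreeBSD's man(1) code. The struct man_overrides type, its fields and the function names are hypothetical; MANPATH is the search-path variable man(1) reads.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical summary of what the caller overrode on this invocation. */
struct man_overrides {
    int manpath_given;  /* man directories supplied on the command line */
    int macros_given;   /* non-default macro package or preprocessor */
};

/* Any non-default input means the run must not keep elevated ids. */
static int defaults_altered(const struct man_overrides *o)
{
    const char *env = getenv("MANPATH");
    return o->manpath_given || o->macros_given || (env != NULL && *env != '\0');
}

/* Drop to the real ids (group first, then user) and fail closed if the
 * old effective ids can still be restored, i.e. the drop was not permanent. */
static int drop_all_privileges(void)
{
    uid_t ruid = getuid(), old_euid = geteuid();
    gid_t rgid = getgid(), old_egid = getegid();

    if (setgid(rgid) != 0 || setuid(ruid) != 0)
        return -1;
    if (old_egid != rgid && setegid(old_egid) == 0)
        return -1;
    if (old_euid != ruid && seteuid(old_euid) == 0)
        return -1;
    return (geteuid() == ruid && getegid() == rgid) ? 0 : -1;
}

/* Returns 1 if privileges were dropped, 0 if the defaults were untouched. */
static int enforce_policy(const struct man_overrides *o)
{
    if (!defaults_altered(o))
        return 0;
    if (drop_all_privileges() != 0) {
        fprintf(stderr, "man: cannot drop privileges\n");
        exit(1);
    }
    return 1;
}

int main(void)
{
    struct man_overrides o = { 0, 0 };  /* constructed: no command-line overrides */
    printf("privileges dropped: %d\n", enforce_policy(&o));
    return 0;
}
```

The check must run before any user-influenced path or macro file is opened; on systems where an unprivileged setuid() leaves the saved id in place, the restore test makes the program exit instead of continuing with recoverable privileges.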