Date: Thu, 28 Mar 2002 04:40:31 -0800 (PST) From: Jason Stone <jason-fbsd-security@shalott.net> To: <security@FreeBSD.ORG> Subject: make world and setuid bits Message-ID: <20020328043119.V5333-100000@walter> In-Reply-To: <20020328131303.F98036-100000@axis.tdd.lt>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Are there make variables that can be set to prevent "make world" from installing binaries as setuid? Currently, I always run something like "find -perms -4000 | xargs chmod u-s" after doing a make world, but this seems inelegant, prone to human error, and dangerous as there's a (potentially quite long) period in which there are still many setuid binaries.... make options to allow the prevention of "setuid root", "all setuid", or "all setuid and all setgid" would be nice. -Jason ----------------------------------------------------------------------- I worry about my child and the Internet all the time, even though she's too young to have logged on yet. Here's what I worry about. I worry that 10 or 15 years from now, she will come to me and say "Daddy, where were you when they took freedom of the press away from the Internet?" -- Mike Godwin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: See https://private.idealab.com/public/jason/jason.gpg iD8DBQE8ow9IswXMWWtptckRAkZYAJ9S6Cchf5Cz8rtqAkjjYTp/GBCvdQCfbYx6 L1AGZQV/R96Shfpl9C383Fc= =NwdP -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020328043119.V5333-100000>