Date: Thu, 2 Dec 1999 15:59:24 -0800 From: Matthew Hunt <mph@astro.caltech.edu> To: Kris Kennaway <kris@hub.freebsd.org> Cc: Jason DiCioccio <geniusj@phreebsd.org>, chat@FreeBSD.ORG, advocacy@FreeBSD.ORG Subject: Re: Vulnerability postings.. Message-ID: <19991202155924.A80952@wopr.caltech.edu> In-Reply-To: <Pine.BSF.4.21.9912021525050.6925-100000@hub.freebsd.org>; from kris@hub.freebsd.org on Thu, Dec 02, 1999 at 03:26:17PM -0800 References: <Pine.BSF.4.21.9912021546540.493-100000@phreebsd.org> <Pine.BSF.4.21.9912021525050.6925-100000@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Dec 02, 1999 at 03:26:17PM -0800, Kris Kennaway wrote: > In my response to the bugtraq post I corrected which ones were actually > our fault and which not. Just for the record, installing angband sgid was not a result of me smoking crack. It is written to be installed that way, aside from the fact that the author knows squat about security. (The source does not ship with an install target, so I did write the code to install sgid.) Grepping for "uid" in the source should make it clear that set[ug]id functionality is intended. As of today, the port installs non-sgid, but this requires two mode 1777 directories, breaks the high-score file, and probably lets players do bad things to each others' ability to play the game. Matt -- Matthew Hunt <mph@astro.caltech.edu> * Stay close to the Vorlon. http://www.pobox.com/~mph/ * To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991202155924.A80952>