Date: Fri, 27 Feb 2004 08:58:13 -0700 (MST) From: "M. Warner Losh" <imp@bsdimp.com> To: des@FreeBSD.org Cc: cvs-all@FreeBSD.org Subject: Re: cvs commit: src/usr.bin/login Makefile Message-ID: <20040227.085813.101498686.imp@bsdimp.com> In-Reply-To: <200402270839.i1R8dGLe071220@repoman.freebsd.org> References: <200402270839.i1R8dGLe071220@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message: <200402270839.i1R8dGLe071220@repoman.freebsd.org>
Dag-Erling Smorgrav <des@FreeBSD.org> writes:
: Cut through the bikeshed and remove login(1)'s setuid bit. It has no
: business trying to impersonate su(1), and it does not need to be setuid
: to function properly when invoked by getty(8) or telnetd(8).
This does break 'login foo' from the shell command line.
Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040227.085813.101498686.imp>