On Wed, Jan 17, 2001 at 10:45:57AM +0000, David Malone wrote:
>
> True - but I'd say it provides a false sense of security, which
> might be more damaging than the extra security provided against
> read-only exploits in crontab.
That's silly. Group tty can be leveraged to provide more privilege,
but that doesn't mean write(1) should be setuid root, or that having
write(1) setgid tty provides a false sense of security.
I think that the proposed change would be a good idea, and that it's
consistent with write(1) and other uses of setgid.
--
Ben
220 go.ahead.make.my.day ESMTP Postfix
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
