On Thu, Jan 18, 2001 at 01:07:35AM +0000, void wrote:
> > True - but I'd say it provides a false sense of security, which
> > might be more damaging than the extra security provided against
> > read-only exploits in crontab.
>
> That's silly. Group tty can be leveraged to provide more privilege,
> but that doesn't mean write(1) should be setuid root, or that having
> write(1) setgid tty provides a false sense of security.
>
> I think that the proposed change would be a good idea, and that it's
> consistent with write(1) and other uses of setgid.
Ideally, crontab wouldn't be suid/gid _anything_ and users own their
own crontab file, but perhaps I've said too much. :)
--
Michael Bacarella <[EMAIL PROTECTED]>
Technical Staff / New York Connect.Net, Ltd
Daytime Phone: (212) 581-2831
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
