the term "suid" includes setgid executables... so your conclusions are way wrong.
Heck, you should give it a try. Good luck logging in afterwards. Josh Rickmar <joshrick...@outlook.com> wrote: > Playing around with find ${dir} -type f -perm -04000, I see that there > are no longer any more suid executables placed in /usr/libexec or > /usr/X11R6, so I believe these can be removed from install.sub. Based > on the comments, this hasn't been touched in a long while. > > diff bfe4739adb21458b6ca3fc690dff9c4b271f0330 /usr/src > blob - 98d5313bcc8536593785d44cc15aa14faf4d92ee > file + distrib/miniroot/install.sub > --- distrib/miniroot/install.sub > +++ distrib/miniroot/install.sub > @@ -3021,14 +3021,11 @@ do_install() { > echo -n ",nodev" > > # The only directories that the install puts suid binaries into > - # (as of 3.2) are: > + # (as of 6.8) are: > # > # /sbin > # /usr/bin > # /usr/sbin > - # /usr/libexec > - # /usr/libexec/auth > - # /usr/X11R6/bin > # > # and ports and users can do who knows what to /usr/local and > # sub directories thereof. > @@ -3040,9 +3037,7 @@ do_install() { > case $_mp in > /sbin|/usr) ;; > /usr/bin|/usr/sbin) ;; > - /usr/libexec|/usr/libexec/*) ;; > /usr/local|/usr/local/*) ;; > - /usr/X11R6|/usr/X11R6/bin) ;; > *) echo -n ",nosuid" ;; > esac > echo " 1 2" >