the term "suid" includes setgid executables... so your conclusions
are way wrong.

Heck, you should give it a try.  Good luck logging in afterwards.

Josh Rickmar <joshrick...@outlook.com> wrote:

> Playing around with find ${dir} -type f -perm -04000, I see that there
> are no longer any more suid executables placed in /usr/libexec or
> /usr/X11R6, so I believe these can be removed from install.sub.  Based
> on the comments, this hasn't been touched in a long while.
> 
> diff bfe4739adb21458b6ca3fc690dff9c4b271f0330 /usr/src
> blob - 98d5313bcc8536593785d44cc15aa14faf4d92ee
> file + distrib/miniroot/install.sub
> --- distrib/miniroot/install.sub
> +++ distrib/miniroot/install.sub
> @@ -3021,14 +3021,11 @@ do_install() {
>               echo -n ",nodev"
>  
>               # The only directories that the install puts suid binaries into
> -             # (as of 3.2) are:
> +             # (as of 6.8) are:
>               #
>               # /sbin
>               # /usr/bin
>               # /usr/sbin
> -             # /usr/libexec
> -             # /usr/libexec/auth
> -             # /usr/X11R6/bin
>               #
>               # and ports and users can do who knows what to /usr/local and
>               # sub directories thereof.
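
Review bot: the rewritten directory list in this comment (now only /sbin, /usr/bin and /usr/sbin) was derived from `find ${dir} -type f -perm -04000`, which matches the setuid bit alone, while the comment still speaks of "suid binaries" in the sense the reply describes, where setgid executables count too. Repeat the search with the setgid bit included (`-perm -02000` as well) before dropping /usr/libexec, /usr/libexec/auth and /usr/X11R6/bin from the list, and have the comment say "setuid or setgid" so that the next audit checks both.
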
> @@ -3040,9 +3037,7 @@ do_install() {
>               case $_mp in
>               /sbin|/usr)                     ;;
>               /usr/bin|/usr/sbin)             ;;
> -             /usr/libexec|/usr/libexec/*)    ;;
>               /usr/local|/usr/local/*)        ;;
> -             /usr/X11R6|/usr/X11R6/bin)      ;;
>               *)      echo -n ",nosuid"       ;;
>               esac
>               echo " 1 2"
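
Review bot: with the `/usr/libexec|/usr/libexec/*` and `/usr/X11R6|/usr/X11R6/bin` arms removed, a filesystem mounted at any of those points falls through to the `*)` arm and gets ",nosuid" written for it. That is safe only if nothing under those directories carries a setuid or setgid bit, and the search behind this change covered setuid only; the reply warns that logging in fails once this is applied. Keep both arms unless a search covering both bits comes back empty for those directories.
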
> 