On Wed 2001-01-17 (20:43), Michael Bacarella wrote:
> On Thu, Jan 18, 2001 at 01:07:35AM +0000, void wrote:
>
> > > True - but I'd say it provides a false sense of security, which
> > > might be more damaging than the extra security provided against
> > > read-only exploits in crontab.
> >
> > That's silly. Group tty can be leveraged to provide more privilege,
> > but that doesn't mean write(1) should be setuid root, or that having
> > write(1) setgid tty provides a false sense of security.
> >
> > I think that the proposed change would be a good idea, and that it's
> > consistent with write(1) and other uses of setgid.
>
> Ideally, crontab wouldn't be suid/gid _anything_ and users own their
> own crontab file, but perhaps I've said too much. :)
They do own their own crontab file. The setgid is for adjusting the
modification time on the crontab directory, to signal to cron that there
has been a change.
Neil
--
Neil Blakey-Milner
[EMAIL PROTECTED]
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
