A while ago, there was a discussion about gaining root access via suid
programs through exploiting libcrypt.so.*. Well, since the libraries
are installed with owner bin (group bin), it appears that if you are
able to become bin on a system, gaining root is trivial.

My question, should /usr/share/mk/bsd.own.mk be changed to install
binaries and libraries with owner root instead of owner bin?

-SR

------------------------------------------------------------------------------