Subject: Library permissions and security
To: None <>
From: Stephen J. Roznowski <>
List: current-users
Date: 03/27/1994 17:36:09
A while ago, there was a discussion about gaining root access via suid
programs through exploiting*. Well, since the libraries
are installed with owner bin (group bin), it appears that if you are
able to become bin on a system, gaining root is trivial.

My question, should /usr/share/mk/ be changed to install
binaries and libraries with owner root instead of owner bin?