Subject: Re: Removing dm(1)
To: Jason Thorpe <thorpej@nas.nasa.gov>
From: Curt Sampson <cjs@portal.ca>
List: current-users
Date: 11/18/1997 10:13:24
On Tue, 18 Nov 1997, Jason Thorpe wrote:
> Removing dm doesn't simplify anything. You still have to fix the
> setuid usage (because games have to be setuid games anyhow), and
> you remove the functionality that dm provides.
I think I've addressed the argument that dm provides any significant
functionality.
As for removing dm, what it does mean is that you need to audit
only the games that keep high score files, rather than all of them.
For example, the hole in fish(6) that allows you access to the
account of any user that runs a game exists only because fish is
run by dm.
cjs
Curt Sampson cjs@portal.ca Info at http://www.portal.ca/
Internet Portal Services, Inc. Through infinite myst, software reverberates
Vancouver, BC (604) 257-9400 In code possess'd of invisible folly.