Subject: Re: newsyslog
To: Dave Sainty <>
From: Todd Vierling <>
List: current-users
Date: 07/28/1998 09:54:06
On Wed, 29 Jul 1998, Dave Sainty wrote:

: newsyslog is explicitly installed with BINOWN root.  This seems
: pointless as it isn't setuid.  Is there a deeper meaning for this, or
: is it just an oversight?

This was changed in the interest of security a while ago (as were all other
binaries using BINOWN):  installing trojans is far easier on systems where
you may be able to get access as a user other than root and overwrite bins
that aren't owned by root.

-- Todd Vierling (Personal; Bus.