Subject: Re: CVS commit: basesrc
To: None <email@example.com>
From: Simon Burge <firstname.lastname@example.org>
Date: 10/18/2000 10:05:48
Curt Sampson wrote:
> Module Name: basesrc
> Committed By: cjs
> Date: Tue Oct 17 15:58:18 UTC 2000
> Modified Files:
> basesrc/usr.bin/ssh/ssh: Makefile
> Log Message:
> Do not install /usr/bin/ssh suid, as this can cause various security problems.
Just a nit or two (not all aimed at you!):
+ The default BINMODE is 555, so we don't need to say that.
+ We don't need BINOWN if we're not specifying BINMODE
+ WTF is "INSTALLFLAGS=-fschg"? There's no mention of this at all
in /usr/share/man/bsd.README. Judging by a similar lines in
other Makefile's it seems to be a 4.4-lite thing, and seems to
be a rather half-hearted security feel-good attempt...
Simon Burge <email@example.com>
NetBSD Sales, Support and Service: http://www.wasabisystems.com/