tech-security: Re: Fix for PR security/8069: man(1) vulnerability

Subject: Re: Fix for PR security/8069: man(1) vulnerability
To: None <tech-security@netbsd.org>
From: Matthias Scheler <tron@zhadum.de>
List: tech-security
Date: 07/26/1999 06:43:43

In article <199907260015.CAA01463@altair.mayn.de>,
	Matthias Buelow <mkb@altair.mayn.de> writes:
> chown -R man /usr/share/man and make man(1) setuid man.

Why? To allow users to mess up your manual pages with "man". That doesn't
make sense.

	Kind regards

-- 
Matthias Scheler                                http://home.owl.de/~tron/