>	- proposed permission change is from 666 to 620, so the above discussion
>	  does not apply.  now the problem is, is it okay for every tty-
>	  modifying binary to be setuid/setgid'ed?  you saw various objections.

it seems to me that anything that already needs to write to a tty (eg
write(1), wall(1), dump(8)) uner normal operation is already setgid
tty.

anything that needs to *modify* the tty needs to be setuid to root (to
use chown(2) or chmod(2)), so this also changes nothing.

the only loss will be to programs that are not setuid to root that
might want to be able to use a random tty for a while (eg emacs(1) or
script(1)).

the above change should, imo, be left to the individual setting up the
read-only /dev and secured environment, not done by "us".

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."