> > if you are able to gain user 'bin', you can do damn near anything
> > you want.  have you looked at the ownership of /bin/sh lately?
> No argument here.... Should the bsd.own.mk files be updated to install
> stuff with owner root?

Why?  It is no easier to become bin than to become root; in fact, it is
probably marginally harder, since no sane installation has a valid password
for the bin account, and there are no setuid-bin executables to take advantage
of bugs in.

------------------------------------------------------------------------------