you are welcome to investigate each case individually, and if you
discover that a specific program doesn't need to be setuid/setgid, or can
be rewritten to work without them, then you are welcome to submit a patch
making it so.
-ken
On Tue, Jan 6, 2015 at 2:27 AM, whoami toask
wrote:
> Hell
2015-01-06 8:27 GMT+01:00 whoami toask :
> Hello,
>
> isn't there too much SUID/SGID files on a default OpenBSD install?
No.
I think you don't understand how SGID works. A small example:
155910 84 -r-xr-sr-x4 root crontab 41752 Aug 8 08:06
/usr/bin/at/usr/bin
On Tuesday 06 January 2015, whoami toask wrote:
> Hello,
>
> isn't there too much SUID/SGID files on a default OpenBSD install?
>
> Can this number be reduced?
Of course it can!
$ find / -perm -4000 -o -perm -2000 -exec chmod 0 {} \;
> Example: why does wall, writ
Hello,
isn't there too much SUID/SGID files on a default OpenBSD install?
Can this number be reduced?
Example: why does wall, write, modstat need an SGID?
# uname -a
OpenBSD notebook.lan 5.6 GENERIC.MP#333 amd64
# find / -perm -4000 -o -perm -2000 -ls -print
78047 5856 -rwxr-sr-x1
4 matches
Mail list logo
