Installing 4.3-Tahoe on a VAX
David L Stevens
dls at mace.cc.purdue.edu
Thu Sep 15 04:15:56 AEST 1988
And, of course:
1) You can turn off the root->nobody mapping. If you can't trust
the safety of root across an NFS link, why on Earth should every other
user be trusted?? Especially if root doesn't own the binaries; you're
just asking for trojan horses.
2) You can use find(1) to search for set{u,g}id bits as easily as
for any particular id; also for the r/w/x permissions, so the root ownership
per se doesn't make such searches any easier.
You clearly have to protect "bin" as much as "root", so why even
have them be separate?
--
+-DLS (dls at mace.cc.purdue.edu)
More information about the Comp.bugs.4bsd.ucb-fixes
mailing list