Subject: Re: CVS commit: basesrc
To: None <cjs@netbsd.org>
From: Simon Burge <simonb@wasabisystems.com>
List: source-changes
Date: 10/18/2000 10:05:48
Curt Sampson wrote:

> 
> Module Name:	basesrc
> Committed By:	cjs
> Date:		Tue Oct 17 15:58:18 UTC 2000
> 
> Modified Files:
> 
> 	basesrc/usr.bin/ssh/ssh: Makefile
> 
> Log Message:
> 
> Do not install /usr/bin/ssh suid, as this can cause various security problems.

Just a nit or two (not all aimed at you!):

 + The default BINMODE is 555, so we don't need to say that.
 + We don't need BINOWN if we're not specifying BINMODE
 + WTF is "INSTALLFLAGS=-fschg"?  There's no mention of this at all
   in /usr/share/man/bsd.README.  Judging by a similar lines in
   other Makefile's it seems to be a 4.4-lite thing, and seems to
   be a rather half-hearted security feel-good attempt...

Simon.
--
Simon Burge                            <simonb@wasabisystems.com>
NetBSD Sales, Support and Service:  http://www.wasabisystems.com/