Subject: re: NetBSD 1.5.2 default configuration
To: None <xs@kittenz.org>
From: matthew green <mrg@eterna.com.au>
List: tech-security
Date: 02/04/2002 00:14:47
> pppd and sliplogin are login shells, they need to be setuid. on a
> "hardened" (of sorts) system i run, only priv(8), su(8) and pppd(8)
> are set-id. (priv is like sudo.)
hmm ok
it may be desirable to make these programs default to being
non-executable by the world, and some group ("pppslip" i dunno),
and to at least limit the damage these cause. while it would
affect me, i think i'm happy to be affected :-)
i also really think we should remove the set-id bit on /bin/df.
anyone object to this?
.mrg.