[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: (forw) Bug#298060: Please don't install login as setuid root

On Sun, Mar 06, 2005 at 04:34:32PM -0800, Joey Hess wrote:

> Has anyone looked at shadow's existing changelog?
> 
>   * /bin/login is suid root for several good reasons. For one, it allows
>     daemons that use it to run as non-root. This is a good thing since it
>     means only one program is running as root, and not several. closes: #17911
> 
>  -- Ben Collins <bcollins@debian.org>  Sun, 31 Dec 2000 14:33:47 -0500

Is there anything which does this other than telnetd?

I'm more than willing to consider telnetd a legacy, insecure-by-design
component for which it is justified to require a non-default configuration.

-- 
 - mdz
Reply to: