[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: setuid programms

On Mon, Jan 19, 1998 at 03:27:41PM -0500, Todd Graham Lewis wrote:
> 
> > man mandb
> 
> Man is suid or sgid as the user "man" so that the man program can manage
> uncompressed roff files and perform other maintenance functions
> in the man dirs.  Fairly reasonable.
> 

Ahem, nothing to do with uncompressed files or man dirs (if this refers 
to /usr/man/...: they are root.root and programs setuid man cannot access).
man and mandb are setuid "man" because this way we can restrict access 
to /var/catman hierarchy to "man" and "root" only. 
It is possible to use man-db without setuid programs if you let /var/catman 
world writable.


Fabrizio
-- 
| fpolacco@icenet.fi    fpolacco@debian.org    fpolacco@pluto.linux.it
| Pluto Leader - Debian Developer & Happy Debian 1.3.1 User - vi-holic
| 6F7267F5 fingerprint 57 16 C4 ED C9 86 40 7B 1A 69 A1 66 EC FB D2 5E
> more than 35 months are needed to get rid of the millennium. [me]
>If NT is your answer, means you didn't understand the question.[som1]


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .
Reply to: