On Sun, Mar 06, 2005 at 05:24:06PM -0800, Matt Zimmerman wrote: > On Sun, Mar 06, 2005 at 04:34:32PM -0800, Joey Hess wrote: > > Has anyone looked at shadow's existing changelog? > > * /bin/login is suid root for several good reasons. For one, it allows > > daemons that use it to run as non-root. This is a good thing since it > > means only one program is running as root, and not several. closes: #17911 > > -- Ben Collins <bcollins@debian.org> Sun, 31 Dec 2000 14:33:47 -0500 > Is there anything which does this other than telnetd? Not afaik. Even Kerberized telnetd doesn't need it (except for backwards compatibility). > I'm more than willing to consider telnetd a legacy, insecure-by-design > component for which it is justified to require a non-default configuration. Sounds fine to me. -- Steve Langasek postmodern programmer
Attachment:
signature.asc
Description: Digital signature