Re: (forw) Bug#298060: Please don't install login as setuid root
On Sun, Mar 06, 2005 at 04:34:32PM -0800, Joey Hess wrote:
> Has anyone looked at shadow's existing changelog?
>
> * /bin/login is suid root for several good reasons. For one, it allows
> daemons that use it to run as non-root. This is a good thing since it
> means only one program is running as root, and not several. closes: #17911
>
> -- Ben Collins <bcollins@debian.org> Sun, 31 Dec 2000 14:33:47 -0500
Is there anything which does this other than telnetd?
I'm more than willing to consider telnetd a legacy, insecure-by-design
component for which it is justified to require a non-default configuration.
--
- mdz
Reply to: