Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Peter Pentchev (roamorbitel.bg)
Date: Tue Jun 12 2001 - 04:07:40 CDT
On Tue, Jun 12, 2001 at 04:09:44AM +0200, Cyrille Lefevre wrote:
> Alfred Perlstein <brightrush.net> writes:
> > * Nickolay A. Kritsky <nkritskyinternethelp.ru> [010607 11:19] wrote:
> > > Can anybody tell me why /usr/local/bin/make in FreeBSD 4.2 is SGID
> > > kmem? I thought that make is intended only for compiling huge C
> > > programs, isnt it?
> > >
> > > #ls -l /usr/local/bin/make
> > > -rwxr-sr-x 1 root kmem 445486 May 14 15:58 /usr/local/bin/make
> > As people have stated this isn't our make, it's most likely GNU make
> > installed without using the port.
> > The reason for the sgid'ness is most likely so that the binary can
> > query the system load average to optimize parrallel compliation
> > without overwhelming the system.
> > Although, this is sort of silly as the info should be available via
> > sysctl in FreeBSD.
> Justin, are you willing to update gmake for using sysctl instead of
> reading kmem ? if no, I'll do it when I'll have some time.
The devel/gmake port already clears the setgid bit of the gmake
executable in its post-install target - gmake uses the getloadavg(3)
function, which does not require any privileges, but the autoconf
getloadavg-setgid'ness detection logic is not quite up-to-date.
-- I am not the subject of this sentence.
To Unsubscribe: send mail to majordomoFreeBSD.org with "unsubscribe freebsd-security" in the body of the message