On Tue, Jun 12, 2001 at 04:09:44AM +0200, Cyrille Lefevre wrote:
> Alfred Perlstein <brightrush.net> writes:
>
> > * Nickolay A. Kritsky <nkritskyinternethelp.ru> [010607 11:19] wrote:
> > > Can anybody tell me why /usr/local/bin/make in FreeBSD 4.2 is SGID
> > > kmem? I thought that make is intended only for compiling huge C
> > > programs, isnt it?
> > >
> > > #ls -l /usr/local/bin/make
> > > -rwxr-sr-x 1 root kmem 445486 May 14 15:58 /usr/local/bin/make
> >
> > As people have stated this isn't our make, it's most likely GNU make
> > installed without using the port.
> >
> > The reason for the sgid'ness is most likely so that the binary can
> > query the system load average to optimize parrallel compliation
> > without overwhelming the system.
> >
> > Although, this is sort of silly as the info should be available via
> > sysctl in FreeBSD.
>
> Justin, are you willing to update gmake for using sysctl instead of
> reading kmem ? if no, I'll do it when I'll have some time.

The devel/gmake port already clears the setgid bit of the gmake
executable in its post-install target - gmake uses the getloadavg(3)
function, which does not require any privileges, but the autoconf
getloadavg-setgid'ness detection logic is not quite up-to-date.

G'luck,
Peter

-- 
I am not the subject of this sentence.
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]