>Ok, I'll expose my ignorance and ask, what is the specific vulnerability
>of bin owned files? I understand how it is a problem on NFS exported
>files to insecure hosts, but what is the risk for files/dirs on a locally
>non-exported file system? What about groups, is bin a bad group also?

The main problem I've ever had with bin owning system files and other user IDs owning things as well (daemon, games, etc.) is that it's just that much more to watch for. With root owning all the important stuff it centers your attention on that userid and prevention with just one userid.

A prime example is /usr/games/chesstool on SunOS 4.1.x machines. It came setuid bin for some unknown reason (I have this theory there is someone assigned at Sun to just put random permissions on programs before they hit the CD :-). Well, if you pop up SunView, which is needed to run this, you can get any program you want run as user bin. And guess what, /etc is owned by bin on a standard install.

James hc
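An added example (not part of the original post): a Python audit that flags setuid programs owned by an account other than root and pairs each one with any system directory owned by that same account, which is the combination described above. The uid 3 for bin, the sample records and all function names are constructed for illustration.

```python
import os
import stat

def scan(root):
    """Yield (path, mode, uid) for every directory and file under root."""
    for dirpath, _dirs, files in os.walk(root):
        for p in [dirpath] + [os.path.join(dirpath, f) for f in files]:
            try:
                st = os.lstat(p)
            except OSError:
                continue  # entry vanished or is unreadable
            yield p, st.st_mode, st.st_uid

def audit(records, system_dirs=("/etc",)):
    """Flag setuid files and system directories not owned by root (uid 0)."""
    findings = []
    for path, mode, uid in records:
        if uid == 0:
            continue  # root-owned: the one account the post wants to watch
        if stat.S_ISREG(mode) and mode & stat.S_ISUID:
            findings.append(("setuid-nonroot", path, uid))
        elif stat.S_ISDIR(mode) and path in system_dirs:
            findings.append(("sysdir-nonroot", path, uid))
    return sorted(findings)

def chains(findings):
    """Pair each setuid program with system dirs owned by the same uid."""
    progs = [(p, u) for kind, p, u in findings if kind == "setuid-nonroot"]
    dirs = [(d, u) for kind, d, u in findings if kind == "sysdir-nonroot"]
    return [(p, d, pu) for p, pu in progs for d, du in dirs if pu == du]

BIN_UID = 3  # constructed value standing in for the bin account
SAMPLE = [   # constructed records modelled on the post's example
    ("/usr/games/chesstool", stat.S_IFREG | 0o4755, BIN_UID),
    ("/usr/games", stat.S_IFDIR | 0o755, BIN_UID),
    ("/etc", stat.S_IFDIR | 0o755, BIN_UID),
    ("/usr/bin/passwd", stat.S_IFREG | 0o4755, 0),
]

if __name__ == "__main__":
    for prog, directory, uid in chains(audit(SAMPLE)):
        print(f"{prog} is setuid uid {uid}, which also owns {directory}")
```

To audit a live system, pass `scan("/")` to `audit` in place of `SAMPLE` and list the directories that matter in `system_dirs`.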