From xemacs-m  Sun Mar 30 04:20:39 1997
Received: from jagor.srce.hr (hniksic@jagor.srce.hr [161.53.2.130])
	by xemacs.org (8.8.5/8.8.5) with ESMTP id EAA29425
	for <xemacs-beta@xemacs.org>; Sun, 30 Mar 1997 04:20:38 -0600 (CST)
Received: (from hniksic@localhost)
          by jagor.srce.hr (8.8.5/8.8.4)
	  id MAA12748; Sun, 30 Mar 1997 12:20:37 +0200 (MET DST)
Sender: hniksic@public.srce.hr
To: XEmacs Developers <xemacs-beta@xemacs.org>
Subject: A security hole during XEmacs installation
X-URL: ftp://gnjilux.cc.fer.hr/pub/unix/util/wget/
X-Attribution: Hrv
X-Face: &}4JQk=L;e.~x+|eo]#DGk@x3~ed!.~lZ}YQcYb7f[WL9L'Z*+OyA\nA
        EL1M(".[qvI#a2E6WYI5>>e7'@_)3Ol9p|Nn2wNa/;~06jL*B%tTcn/X
        vhAu7qeES0\|MF%$;sI#yn1+y"
From: Hrvoje Niksic <hniksic@srce.hr>
Date: 30 Mar 1997 12:20:37 +0200
Message-ID: <kig7mipznnu.fsf@jagor.srce.hr>
Lines: 13
X-Mailer: Gnus v5.4.37/XEmacs 19.15

When a user (e.g. `hniksic') compiles XEmacs, when root does a
`make install', many files are left in hniksic's ownership.  This
includes most (all?) of the lisp/ and etc/ directories.  This means
that the mentioned user can keep changing the site-wide stuff.
Looking back, I see that the bug has been there since before 19.14.

We may wish to fix it for 20.1, though.

-- 
Hrvoje Niksic <hniksic@srce.hr> | Student at FER Zagreb, Croatia
--------------------------------+--------------------------------
Contrary to popular belief, Unix is user friendly.  
It just happens to be selective about who it makes friends with.

