2 files changed, 11 insertions, 15 deletions

diff --git a/usr.sbin/sliplogin/Makefile b/usr.sbin/sliplogin/Makefile
index effe3253e8c..794e5ea7489 100644
--- a/usr.sbin/sliplogin/Makefile
+++ b/usr.sbin/sliplogin/Makefile
@@ -1,10 +1,11 @@
-#	$OpenBSD: Makefile,v 1.4 1997/09/21 11:44:24 deraadt Exp $
+#	$OpenBSD: Makefile,v 1.5 2002/05/19 09:40:23 deraadt Exp $
 
 PROG=	sliplogin
 MAN=	sliplogin.8
 FILES=	slip.hosts slip.login
 BINOWN=	root
-BINMODE=4555
+BINGRP=	network
+BINMODE=4554
 
 .include <bsd.prog.mk>
 
diff --git a/usr.sbin/sliplogin/sliplogin.8 b/usr.sbin/sliplogin/sliplogin.8
index 64f2d7025c3..01694f4a627 100644
--- a/usr.sbin/sliplogin/sliplogin.8
+++ b/usr.sbin/sliplogin/sliplogin.8
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: sliplogin.8,v 1.6 2000/12/15 14:31:18 aaron Exp $
+.\"	$OpenBSD: sliplogin.8,v 1.7 2002/05/19 09:40:23 deraadt Exp $
 .\"
 .\" Copyright (c) 1990, 1991 The Regents of the University of California.
 .\" All rights reserved.
@@ -32,7 +32,7 @@
 .\" SUCH DAMAGE.
 .\"
 .\"     from: @(#)sliplogin.8	5.4 (Berkeley) 8/5/91
-.\"	$Id: sliplogin.8,v 1.6 2000/12/15 14:31:18 aaron Exp $
+.\"	$Id: sliplogin.8,v 1.7 2002/05/19 09:40:23 deraadt Exp $
 .\"
 .Dd August 5, 1991
 .Dt SLIPLOGIN 8
@@ -164,18 +164,13 @@ is the local host IP netmask.
 .Pp
 Note that
 .Nm
-must be setuid to root and, while not a security hole, moral defectives
-can use it to place terminal lines in an unusable state and/or deny
+must be setuid to root and is only executable by users in group
+.Va network .
+To permit use, place a user into that group.  Users in that group
+are of course also able to use
+.Nm
+to place terminal lines in an unusable state and/or deny
 access to legitimate users of a remote slip line.
-To prevent this a site can create a group, say
-.Em slip ,
-that only the slip login accounts are put in then make sure that
-.Pa /usr/sbin/sliplogin
-is in group
-.Em slip
-and mode 4550 (setuid root, only group
-.Em slip
-can execute binary).
 .Sh DIAGNOSTICS
 .Nm
 logs various information to the system log daemon,