bwh | response 24 of 24: | May 17 00:35 UTC 2019
More on the back/front talk .cfdir access errors and partutil
**problem**
described above
**background info**
unixpapa.com/backtalk/stab/doc/glossary.html
Partutil Program
The partutil program is used only on systems where real Unix accounts
are used and Backtalk is to cooperate with Picospan or Yapp [or
fronttalk]. In this case, the files stored in the user's home directory
are owned by the user, and thus not writable by the Backtalk program.
The partutil program is a work-around for this problem. It is an
suid-root program which can be called by Backtalk to create or destroy
these files, and to permit them to be writable to Backtalk's Unix
group-ID. Various safeguards are built-in to prevent partutil from being
run by anyone other than Backtalk.
CURRENT mode for partutil
grex$ for f in $(locate partutil); do ls -l $f; done
-rws--x--x 1 root cfadmg /suid/libexec/partutil
lrwx------ 1 root wheel /suid/libexec/partutil-1.3.30 -> partutil
lrwxr-xr-x 1 root wheel /cyberspace/libexec/backtalk-1.3.30/partutil -> /suid/libexec/partutil-1.3.30
**mode testing**
SUID mode tests on Linux (I don't have an OpenBSD install.)
The files below are here: http://grex.org/~bwh/suid.tgz
user1@I660> pwd
/opt/suid
user1@I660> ls -l
total 24
lrwxrwxrwx. 1 root root addent_suid_target -> suid_script_wrapper
-rwx------. 1 root root suid_script.bash
-rwsr-xr-x. 1 root root suid_script_wrapper
-rw-r--r--. 1 root root suid_script_wrapper.c
-rw-r--r--. 1 root root suid_target
**suggestion**
change mode of /suid/libexec/partutil to -rwsr-xr-x (4755)
instead of -rws--x--x (4711)
And, maybe the mode of this link:
lrwx------ 1 root wheel /suid/libexec/partutil-1.3.30 -> partutil
should be lrwxr-xr-x (Linux sym links are lrwxrwxrwx and permissions of
the linked file are used.)
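The symlink chain in the listing above, walked hop by hop, as an added example that is not part of the original post: it prints the mode of each link and of the final file, and extracts the group/other characters that differ between 4711 and 4755. The function names are hypothetical, and the tree is a constructed copy of the listing built in a temporary directory.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# mode_of PATH: 10-character mode string of PATH itself, without following links.
mode_of() { ls -ld -- "$1" | cut -c1-10; }

# link_chain PATH: print "mode path" for each hop from PATH to the final file.
link_chain() {
    p=$1; hops=0
    while [ -L "$p" ]; do
        printf '%s %s\n' "$(mode_of "$p")" "$p"
        target=$(readlink -- "$p")
        case $target in
            /*) p=$target ;;                      # absolute link target
            *)  p=$(dirname -- "$p")/$target ;;   # relative to the link's directory
        esac
        hops=$((hops + 1))
        [ "$hops" -lt 40 ] || { echo "link loop at $p" >&2; return 1; }
    done
    [ -e "$p" ] || { echo "dangling link: $p" >&2; return 1; }
    printf '%s %s\n' "$(mode_of "$p")" "$p"
}

# final_mode PATH: mode string of the file at the end of the chain.
final_mode() {
    chain=$(link_chain "$1") || return 1
    printf '%s\n' "$chain" | tail -n 1 | cut -c1-10
}

# group_other_bits PATH: the six group/other characters of the final file,
# "--x--x" for 4711 and "r-xr-x" for 4755.
group_other_bits() {
    m=$(final_mode "$1") || return 1
    printf '%s\n' "$m" | cut -c5-10
}

# make_tree DIR: constructed copy of the layout in the post's listing, under DIR.
make_tree() {
    mkdir -p "$1/suid/libexec" "$1/cyberspace/libexec/backtalk-1.3.30"
    : > "$1/suid/libexec/partutil"
    chmod 4711 "$1/suid/libexec/partutil"
    ln -s partutil "$1/suid/libexec/partutil-1.3.30"
    ln -s "$1/suid/libexec/partutil-1.3.30" "$1/cyberspace/libexec/backtalk-1.3.30/partutil"
}

# Demo on a throwaway directory (constructed data, removed afterwards).
d=$(mktemp -d) && make_tree "$d" &&
    link_chain "$d/cyberspace/libexec/backtalk-1.3.30/partutil"
rm -rf "$d"
```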