The most recent OpenBSD vulnerability report mentions that certain applications were abused by the fact that they did not verify the owner of configuration files:

> If the S/Key or YubiKey authentication type is enabled (they are both
> installed by default but disabled), then a local attacker can exploit
> the privileges of the group "auth" to obtain the full privileges of the
> user "root" (because login_skey and login_yubikey do not verify that the
> files in /etc/skey and /var/db/yubikey belong to the correct user, and
> these directories are both writable by the group "auth").

dyndnsd should print a warning (probably early enough to be included in -n) if dyndnsd.conf is not owned by dyndnsd's UID.
dyndnsd should print a warning (probably early enough to be included in -n) if dyndnsd.conf is readable by "other."
dyndnsd should print a warning (probably early enough to be included in -n) if dyndnsd.conf is executable.