15.2 BSD issues

Vivek Khera writes that some BSDs do nightly security scans for setuid file changes. setgid directories also come up on the scan when they change. Also, the setgid bit is not necessary on BSD systems because group ownership is automatically inherited on files created in directories. On other Unixes, this only happens when the directory has the setgid bit turned on.

To install without turning on the setgid bit on directories, simply pass in the DIRSETGID variable to make, after you've run configure:

    % make DIRSETGID=: install

This disables the chmod g+s command on installed directories.