Index: usr.sbin/newsyslog/newsyslog.c
===================================================================
--- usr.sbin/newsyslog/newsyslog.c
+++ usr.sbin/newsyslog/newsyslog.c
@@ -1193,6 +1193,11 @@
 		if (!sscanf(q, "%o", &working->permissions))
 			errx(1, "error in config file; bad permissions:\n%s",
 			    errline);
+		if ((working->permissions & (S_ISUID|S_ISGID)) != 0)
+			errx(1, "cowardly refusing to create setuid logfile");
+		if ((working->permissions & (S_IXUSR|S_IXGRP|S_IXOTH)) != 0)
+			errx(1,
+			    "cowardly refusing to create executable logfile");
 
 		q = parse = missing_field(sob(parse + 1), errline);
 		parse = son(parse);