diff --git a/gnu/usr.bin/man/man/Makefile b/gnu/usr.bin/man/man/Makefile
index 9aff7372dc77..f0b5bb3b3513 100644
--- a/gnu/usr.bin/man/man/Makefile
+++ b/gnu/usr.bin/man/man/Makefile
@@ -2,6 +2,7 @@ PROG=	man
 SRCS=	man.c manpath.c glob.c
 BINOWN= man
 BINMODE=4555
+INSTALLFLAGS+= -fschg
 
 .if exists(${.OBJDIR}/../lib)
 LIBDESTDIR=	${.OBJDIR}/../lib
@@ -19,7 +20,7 @@ MAN1=   ${.CURDIR}/man.1
 .endif
 
 CFLAGS+= -I${.CURDIR}/../lib -DSTDC_HEADERS -DPOSIX -DHAS_TROFF
-CFLAGS+= -DDO_COMPRESS -DALT_SYSTEMS -DSETREUID -DCATMODE=0664
+CFLAGS+= -DDO_COMPRESS -DALT_SYSTEMS -DSETREUID -DCATMODE=0644
 CLEANFILES+=	${MAN1}
 MANDEPEND+=	${MAN1}
 
diff --git a/gnu/usr.bin/man/man/man.c b/gnu/usr.bin/man/man/man.c
index d9a9c7010396..fdfab5ad973d 100644
--- a/gnu/usr.bin/man/man/man.c
+++ b/gnu/usr.bin/man/man/man.c
@@ -435,9 +435,7 @@ man_getopt (argc, argv)
 	    fprintf (stderr, "Alternate system `%s' specified\n",
 		     alt_system_name);
 
-	  strcpy (buf, p);
-	  strcat (buf, "/");
-	  strcat (buf, alt_system_name);
+	  snprintf(buf, sizeof(buf), "%s/%s", p, alt_system_name);
 
 	  mp = add_dir_to_mpath_list (mp, buf);
 	}
@@ -537,15 +535,17 @@ convert_name (name, to_cat)
 #ifdef DO_COMPRESS
   if (to_cat)
     {
-      int len = strlen (name) + 3;
+      int olen = strlen(name);
       int cextlen = strlen(COMPRESS_EXT);
+      int len = olen + cextlen;
 
-      to_name = (char *) malloc (len);
+      to_name = malloc (len+1);
       if (to_name == NULL)
-	gripe_alloc (len, "to_name");
+	gripe_alloc (len+1, "to_name");
       strcpy (to_name, name);
+      olen -= cextlen;
       /* Avoid tacking it on twice */
-      if (strcmp(name + (len - (3 + cextlen)), COMPRESS_EXT))
+      if (olen >= 1 && strcmp(name + olen, COMPRESS_EXT) != 0)
       	strcat (to_name, COMPRESS_EXT);
     }
   else
@@ -749,8 +749,10 @@ ultimate_source (name, path)
   char *beg;
   char *end;
 
-  strcpy (ult, name);
-  strcpy (buf, name);
+  strncpy (ult, name, sizeof(ult)-1);
+  ult[sizeof(ult)-1] = '\0';
+  strncpy (buf, name, sizeof(buf)-1);
+  ult[sizeof(buf)-1] = '\0';
 
  next:
 
@@ -775,11 +777,8 @@ ultimate_source (name, path)
 
       *end = '\0';
 
-      strcpy (ult, path);
-      strcat (ult, "/");
-      strcat (ult, beg);
-
-      strcpy (buf, ult);
+      snprintf(ult, sizeof(ult), "%s/%s", path, beg);
+      snprintf(buf, sizeof(buf), "%s", ult);
 
       goto next;
     }
@@ -791,34 +790,34 @@ ultimate_source (name, path)
 }
 
 void
-add_directive (first, d, file, buf)
+add_directive (first, d, file, buf, bufsize)
      int *first;
      char *d;
      char *file;
      char *buf;
+     int bufsize;
 {
   if (strcmp (d, "") != 0)
     {
       if (*first)
 	{
 	  *first = 0;
-	  strcpy (buf, d);
-	  strcat (buf, " ");
-	  strcat (buf, file);
+	  snprintf(buf, bufsize, "%s %s", d, file);
 	}
       else
 	{
-	  strcat (buf, " | ");
-	  strcat (buf, d);
+	  strncat (buf, " | ", bufsize-strlen(buf)-1);
+	  strncat (buf, d, bufsize-strlen(buf)-1);
 	}
     }
 }
 
 int
-parse_roff_directive (cp, file, buf)
+parse_roff_directive (cp, file, buf, bufsize)
   char *cp;
   char *file;
   char *buf;
+  int bufsize;
 {
   char c;
   int first = 1;
@@ -834,9 +833,9 @@ parse_roff_directive (cp, file, buf)
 	    fprintf (stderr, "found eqn(1) directive\n");
 
 	  if (troff)
-	    add_directive (&first, EQN, file, buf);
+	    add_directive (&first, EQN, file, buf, bufsize);
 	  else
-	    add_directive (&first, NEQN, file, buf);
+	    add_directive (&first, NEQN, file, buf, bufsize);
 
 	  break;
 
@@ -845,7 +844,7 @@ parse_roff_directive (cp, file, buf)
 	  if (debug)
 	    fprintf (stderr, "found grap(1) directive\n");
 
-	  add_directive (&first, GRAP, file, buf);
+	  add_directive (&first, GRAP, file, buf, bufsize);
 
 	  break;
 
@@ -854,7 +853,7 @@ parse_roff_directive (cp, file, buf)
 	  if (debug)
 	    fprintf (stderr, "found pic(1) directive\n");
 
-	  add_directive (&first, PIC, file, buf);
+	  add_directive (&first, PIC, file, buf, bufsize);
 
 	  break;
 
@@ -864,7 +863,7 @@ parse_roff_directive (cp, file, buf)
 	    fprintf (stderr, "found tbl(1) directive\n");
 
 	  tbl_found++;
-	  add_directive (&first, TBL, file, buf);
+	  add_directive (&first, TBL, file, buf, bufsize);
 	  break;
 
 	case 'v':
@@ -872,7 +871,7 @@ parse_roff_directive (cp, file, buf)
 	  if (debug)
 	    fprintf (stderr, "found vgrind(1) directive\n");
 
-	  add_directive (&first, VGRIND, file, buf);
+	  add_directive (&first, VGRIND, file, buf, bufsize);
 	  break;
 
 	case 'r':
@@ -880,7 +879,7 @@ parse_roff_directive (cp, file, buf)
 	  if (debug)
 	    fprintf (stderr, "found refer(1) directive\n");
 
-	  add_directive (&first, REFER, file, buf);
+	  add_directive (&first, REFER, file, buf, bufsize);
 	  break;
 
 	case ' ':
@@ -903,19 +902,19 @@ parse_roff_directive (cp, file, buf)
 #ifdef HAS_TROFF
   if (troff)
     {
-      strcat (buf, " | ");
-      strcat (buf, TROFF);
+      strncat (buf, " | ", bufsize-strlen(buf)-1); 
+      strncat (buf, TROFF, bufsize-strlen(buf)-1);
     }
   else
 #endif
     {
-      strcat (buf, " | ");
-      strcat (buf, NROFF);
+      strncat (buf, " | ", bufsize-strlen(buf)-1); 
+      strncat (buf, NROFF, bufsize-strlen(buf)-1);
     }
   if (tbl_found && !troff && strcmp (COL, "") != 0)
     {
-      strcat (buf, " | ");
-      strcat (buf, COL);
+      strncat (buf, " | ", bufsize-strlen(buf)-1); 
+      strncat (buf, COL, bufsize-strlen(buf)-1);
     }
 
   return 0;
@@ -936,7 +935,7 @@ make_roff_command (file)
       if (debug)
 	fprintf (stderr, "parsing directive from command line\n");
 
-      status = parse_roff_directive (roff_directive, file, buf);
+      status = parse_roff_directive (roff_directive, file, buf, sizeof(buf));
 
       if (status == 0)
 	return buf;
@@ -948,13 +947,13 @@ make_roff_command (file)
   if ((fp = fopen (file, "r")) != NULL)
     {
       cp = line;
-      fgets (line, 100, fp);
+      fgets (line, BUFSIZ, fp);
       if (*cp++ == '\'' && *cp++ == '\\' && *cp++ == '"' && *cp++ == ' ')
 	{
 	  if (debug)
 	    fprintf (stderr, "parsing directive from file\n");
 
-	  status = parse_roff_directive (cp, file, buf);
+	  status = parse_roff_directive (cp, file, buf, sizeof(buf));
 
 	  fclose (fp);
 
@@ -980,7 +979,7 @@ make_roff_command (file)
       if (debug)
 	fprintf (stderr, "parsing directive from environment\n");
 
-      status = parse_roff_directive (cp, file, buf);
+      status = parse_roff_directive (cp, file, buf, sizeof(buf));
 
       if (status == 0)
 	return buf;
@@ -1000,13 +999,13 @@ make_roff_command (file)
     {
       if (strcmp (TBL, "") != 0)
 	{
-	  strcat (buf, TBL);
-	  strcat (buf, " | ");
-	  strcat (buf, TROFF);
+	  strncat(buf, TBL, sizeof(buf)-strlen(buf)-1);
+	  strncat(buf, " | ", sizeof(buf)-strlen(buf)-1);
+	  strncat(buf, TROFF, sizeof(buf)-strlen(buf)-1);
 	}
       else
 	{
-	  strcat (buf, TROFF);
+	  strncat(buf, TROFF, sizeof(buf)-strlen(buf)-1);
 	}
     }
   else
@@ -1014,19 +1013,19 @@ make_roff_command (file)
     {
       if (strcmp (TBL, "") != 0)
 	{
-	  strcat (buf, TBL);
-	  strcat (buf, " | ");
-	  strcat (buf, NROFF);
+	  strncat(buf, TBL, sizeof(buf)-strlen(buf)-1);
+	  strncat(buf, " | ", sizeof(buf)-strlen(buf)-1);
+	  strncat(buf, NROFF, sizeof(buf)-strlen(buf)-1);
 	}
       else
 	{
-	  strcpy (buf, NROFF);
+	  strncpy (buf, NROFF, sizeof(buf));
 	}
 
       if (strcmp (COL, "") != 0)
 	{
-	  strcat (buf, " | ");
-	  strcat (buf, COL);
+	  strncat (buf, " | ", sizeof(buf)-strlen(buf)-1);
+	  strncat (buf, COL, sizeof(buf)-strlen(buf)-1);
 	}
     }
   return buf;
@@ -1514,7 +1513,8 @@ get_section_list ()
   int i;
   char *p;
   char *end;
-  static char *tmp_section_list[100];
+#define TMP_SECTION_LIST_SIZE 100
+  static char *tmp_section_list[TMP_SECTION_LIST_SIZE];
 
   if (colon_sep_section_list == NULL)
     {
@@ -1529,7 +1529,7 @@ get_section_list ()
     }
 
   i = 0;
-  for (p = colon_sep_section_list; ; p = end+1)
+  for (p = colon_sep_section_list; i < TMP_SECTION_LIST_SIZE ; p = end+1) 
     {
       if ((end = strchr (p, ':')) != NULL)
 	*end = '\0';