Date: Tue, 5 Oct 1999 02:52:27 -0400 (EDT) From: Mike Nowlin <mike@argos.org> To: Hank Leininger <hlein@progressive-comp.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Message-ID: <Pine.LNX.4.05.9910050245560.30830-100000@jason.argos.org> In-Reply-To: <199910041226.IAA14566@mailer.progressive-comp.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> owned by root or the UID/EUID of the process. This is what Solar > Designer's patches for Linux have done for some time now. It seems to > break little (nothing, except POSIX? ;) and is quite effective. SolarD's Not sure if your comment SAID that it breaks POSIX or not, but in this day and age of trying to come up with a standard that people can both believe in and rely on, "breaking POSIX" isn't something that should be taken too lightly. Although there's a lot of quirks and overall dumbness in POSIX, the rules were meant for a reason. I don't claim to be a POSIX expert, but if this did break one of the guidelines, it would be a shame to have to come back in three or four years and say "Linux and FreeBSD? Well, they're sort of POSIX-compliant, but they screwed it up by....." Maybe there's some other (better) way to solve this problem? --mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.05.9910050245560.30830-100000>