Date: Fri, 14 Dec 2001 05:27:49 -0500 (EST) From: Robert Watson <rwatson@FreeBSD.org> To: Ruslan Ermilov <ru@FreeBSD.org> Cc: Greg Lehey <grog@FreeBSD.org>, Garance A Drosihn <drosih@rpi.edu>, Peter Wemm <peter@wemm.org>, Nik Clayton <nik@FreeBSD.org>, Warner Losh <imp@harmony.village.org>, ache@FreeBSD.org, freebsd-arch@FreeBSD.org Subject: Re: Changing 'man' to check alternate destination for 'cat' pages Message-ID: <Pine.NEB.3.96L.1011214052132.74588S-100000@fledge.watson.org> In-Reply-To: <20011214101857.C35094@sunbay.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 14 Dec 2001, Ruslan Ermilov wrote: > Just having a CATMAN envariable is not enough, this would break many > things. There are hosts on which people use different locales > simultaneously. Look at how the usr/share/man/en.ISO8859-1 is organized > nowadays, and realize why, while sharing the man? directories with the > .., it has its own cat? directories. Not to mention the security issues -- the one nice thing about the hard-coded catman right now is that it greatly limits the scope for damage from a setuid man. I'm not entirely opposed to the notion of configuring its location in /etc/man.conf or something, but agree that a run-time user-tunable version of the same would be worrying. Even leaving aside the more serious attacks, imagine for a moment what would happen if arbitrary users could tweak the contents of arbitrary .8 man pages :-). > The "cat" feature of man(1) is insecure, and is probably going to be > nuked after a release of 4.5. Great! I've been hoping for that for years. :-) Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1011214052132.74588S-100000>