Date: Sun, 03 Jul 2005 01:04:39 -0000 From: Peter Jeremy <PeterJeremy@optushome.com.au> To: Pawel Jakub Dawidek <pjd@freebsd.org> Cc: cvs-src@freebsd.org, src-committers@freebsd.org, cvs-all@freebsd.org Subject: Re: cvs commit: src/usr.bin/su su.c Message-ID: <20050118082819.GF79646@cirb503493.alcatel.com.au> In-Reply-To: <20050117203938.GB795@darkness.comp.waw.pl> References: <200501171957.j0HJvxst075036@repoman.freebsd.org> <20050117203938.GB795@darkness.comp.waw.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 2005-Jan-17 21:39:38 +0100, Pawel Jakub Dawidek wrote: >On Mon, Jan 17, 2005 at 07:57:59PM +0000, Robert Watson wrote: >+> If su(1) is run without an effective uid of 0, generate an error to >+> the user indicating that su is not running setuid, which may help >+> suggest to the user that it should be setuid, or should not be >+> running from a file system mounted nosuid. > >Shouldn't this be done for every setuid utility? Why only su(1)? su used to generate the message "Sorry" for all errors. Other utilities will hopefully generate more meaningful error messages. One option for the last point would be to include a check in do_execve() that warns where the setuid/setgid bits are ignored because the filesystem is mounted nosuid. -- Peter Jeremy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050118082819.GF79646>