From owner-cvs-src@FreeBSD.ORG Sun Jul 3 01:04:39 2005 Return-Path: X-Original-To: cvs-src@freebsd.org Delivered-To: cvs-src@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 715E616AB35; Sun, 3 Jul 2005 00:57:43 +0000 (GMT) (envelope-from ps@mu.org) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7D4B544422; Sun, 3 Jul 2005 00:39:12 +0000 (GMT) (envelope-from ps@mu.org) Received: by elvis.mu.org (Postfix, from userid 1000) id 86C9D6D9CB; Sat, 2 Jul 2005 17:37:41 -0700 (PDT) X-Original-To: ps@mu.org Delivered-To: ps@mu.org Received: from mx2.freebsd.org (mx2.freebsd.org [216.136.204.119]) by elvis.mu.org (Postfix) with ESMTP id CCA145C9CB for ; Tue, 18 Jan 2005 00:28:29 -0800 (PST) Received: from hub.freebsd.org (hub.freebsd.org [216.136.204.18]) by mx2.freebsd.org (Postfix) with ESMTP id BB656566B5 for ; Tue, 18 Jan 2005 08:28:29 +0000 (GMT) (envelope-from owner-src-committers@FreeBSD.org) Received: by hub.freebsd.org (Postfix) id 2471A16A4D9; Tue, 18 Jan 2005 08:28:26 +0000 (GMT) Delivered-To: ps@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 538) id 32C3416A4CF; Tue, 18 Jan 2005 08:28:24 +0000 (GMT) Delivered-To: src-committers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C550016A4DA; Tue, 18 Jan 2005 08:28:22 +0000 (GMT) Received: from mail23.syd.optusnet.com.au (mail23.syd.optusnet.com.au [211.29.133.164]) by mx1.FreeBSD.org (Postfix) with ESMTP id C9BE243D53; Tue, 18 Jan 2005 08:28:21 +0000 (GMT) (envelope-from PeterJeremy@optushome.com.au) Received: from cirb503493.alcatel.com.au (c211-30-75-229.belrs2.nsw.optusnet.com.au [211.30.75.229]) by mail23.syd.optusnet.com.au (8.12.11/8.12.11) with ESMTP id j0I8SKcO022701 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Tue, 18 Jan 2005 19:28:20 +1100 Received: from cirb503493.alcatel.com.au (localhost.alcatel.com.au [127.0.0.1]) by cirb503493.alcatel.com.au (8.12.10/8.12.10) with ESMTP id j0I8SJxP064136; Tue, 18 Jan 2005 19:28:20 +1100 (EST) (envelope-from pjeremy@cirb503493.alcatel.com.au) Received: (from pjeremy@localhost) by cirb503493.alcatel.com.au (8.12.10/8.12.9/Submit) id j0I8SJxn064135; Tue, 18 Jan 2005 19:28:19 +1100 (EST) (envelope-from pjeremy) From: Peter Jeremy To: Pawel Jakub Dawidek Message-ID: <20050118082819.GF79646@cirb503493.alcatel.com.au> References: <200501171957.j0HJvxst075036@repoman.freebsd.org> <20050117203938.GB795@darkness.comp.waw.pl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050117203938.GB795@darkness.comp.waw.pl> User-Agent: Mutt/1.4.2i Sender: owner-src-committers@FreeBSD.org Precedence: bulk X-Loop: FreeBSD.ORG X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on elvis.mu.org X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.0.1 X-Spam-Level: Cc: cvs-src@freebsd.org, src-committers@freebsd.org, cvs-all@freebsd.org Subject: Re: cvs commit: src/usr.bin/su su.c X-BeenThere: cvs-src@freebsd.org X-Mailman-Version: 2.1.5 List-Id: CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Sun, 03 Jul 2005 01:04:41 -0000 X-Original-Date: Tue, 18 Jan 2005 19:28:19 +1100 X-List-Received-Date: Sun, 03 Jul 2005 01:04:41 -0000 On Mon, 2005-Jan-17 21:39:38 +0100, Pawel Jakub Dawidek wrote: >On Mon, Jan 17, 2005 at 07:57:59PM +0000, Robert Watson wrote: >+> If su(1) is run without an effective uid of 0, generate an error to >+> the user indicating that su is not running setuid, which may help >+> suggest to the user that it should be setuid, or should not be >+> running from a file system mounted nosuid. > >Shouldn't this be done for every setuid utility? Why only su(1)? su used to generate the message "Sorry" for all errors. Other utilities will hopefully generate more meaningful error messages. One option for the last point would be to include a check in do_execve() that warns where the setuid/setgid bits are ignored because the filesystem is mounted nosuid. -- Peter Jeremy