Date: Fri, 20 Aug 2010 21:40:29 +0200 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: "M. Warner Losh" <imp@bsdimp.com> Cc: attilio@freebsd.org, svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r211393 - head/lib/libutil Message-ID: <86iq35dqdu.fsf@ds4.des.no> In-Reply-To: <20100820.133240.271446115529437414.imp@bsdimp.com> (M. Warner Losh's message of "Fri, 20 Aug 2010 13:32:40 -0600 (MDT)") References: <861v9ty7bg.fsf@ds4.des.no> <20100820.123742.600640546137300360.imp@bsdimp.com> <86bp8xf5u6.fsf@ds4.des.no> <20100820.133240.271446115529437414.imp@bsdimp.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"M. Warner Losh" <imp@bsdimp.com> writes: > Dag-Erling Sm=C3=B8rgrav <des@des.no> writes: > > "M. Warner Losh" <imp@bsdimp.com> writes: > > > And we're back to the reason for why issetugid() :) > > Does setuid() "untaint" a program? > No. Yet I would argue that it is safe to apply the user's .login_conf after setuid(), so issetugid() is not an appropriate test. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86iq35dqdu.fsf>