Date: Wed, 31 Aug 2005 21:00:59 +0200 From: Jilles Tjoelker <jilles@stack.nl> To: Michael Bushkov <bushman@rsu.ru> Cc: freebsd-current@freebsd.org, Dan Nelson <dnelson@allantgroup.com> Subject: Re: [PATCH] caching daemon release and nsswitch patches Message-ID: <20050831190059.GA23652@stack.nl> In-Reply-To: <20050830172127.E5409@stinger.cc.rsu.ru> References: <20050827170633.Y5409@stinger.cc.rsu.ru> <43123F3B.8070002@FreeBSD.org> <20050829115740.N5409@stinger.cc.rsu.ru> <20050829163025.GA25664@dan.emsphone.com> <20050830172127.E5409@stinger.cc.rsu.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
[cc list stripped] On Tue, Aug 30, 2005 at 05:32:52PM +0400, Michael Bushkov wrote: > We can't ensure that, I guess. In the upcoming version (before the 1st of > September), the cache would be per-user. This would solve all the security > problems. In a little while, I'll implement the ability for cached to act > as nscd. So you'll be able to choose the behaviour. What about setuid/setgid programs then? setuid root programs can use root's cache, perhaps a similar thing could be done for other setuid programs, but what about setgid? perhaps don't cache at all for set*id programs (issetugid(2))? -- Jilles Tjoelker
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050831190059.GA23652>