From owner-freebsd-security Thu Apr 20 10:48:54 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id KAA03417 for security-outgoing; Thu, 20 Apr 1995 10:48:54 -0700 Received: from sequent.kiae.su (sequent.kiae.su [144.206.136.6]) by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id KAA03410 ; Thu, 20 Apr 1995 10:48:40 -0700 Received: by sequent.kiae.su id AA14178 (5.65.kiae-2 ); Thu, 20 Apr 1995 21:45:46 +0400 Received: by sequent.KIAE.su (UUMAIL/2.0); Thu, 20 Apr 95 21:45:44 +0400 Received: (from ache@localhost) by astral.msk.su (8.6.8/8.6.6) id VAA02695; Thu, 20 Apr 1995 21:20:36 +0400 To: arch@FreeBSD.org, core@FreeBSD.org, security@FreeBSD.org References: In-Reply-To: ; from "Andrey A. Chernov" at Wed, 19 Apr 1995 23:49:25 +0400 Message-Id: Organization: Olahm Ha-Yetzirah Date: Thu, 20 Apr 1995 21:20:35 +0400 X-Mailer: Mail/@ [v2.32 FreeBSD] From: "Andrey A. Chernov, Black Mage" X-Class: Fast Subject: Re: Call for remove setr[ug]id() and setre[ug]id() from libc Lines: 20 Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Length: 839 Sender: security-owner@FreeBSD.org Precedence: bulk In message Andrey A. Chernov writes: >I vote for removing this fuctions completely from library >sources, it is only one safe variant, if we can't implement >them in 100%. More info: osetreuid/osetregid syscalls check arguments in the same way that lib function does, and they are only a little bit safe, because testing of s[rg]id independs of place calling. They both can't be implemented, they are violation of POSIX, so I prefer to remove them to not make security hole. If none object, I'll commit the change. -- Andrey A. Chernov : And I rest so composedly, /Now, in my bed, ache@astral.msk.su : That any beholder /Might fancy me dead - FidoNet: 2:5020/230.3 : Might start at beholding me, /Thinking me dead. RELCOM Team,FreeBSD Team : E.A.Poe From "For Annie" 1849