From: John Baldwin
To: Colin Percival
Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
Date: Fri, 23 Dec 2011 11:22:34 -0500
Subject: Re: svn commit: r228843 - head/contrib/telnet/libtelnet head/crypto/heimdal/appl/telnet/libtelnet head/include head/lib/libc/gen head/lib/libc/iconv head/lib/libc/include head/lib/libc/net head/libexec...

On Friday, December 23, 2011 10:58:46 am John Baldwin wrote:
> On Friday, December 23, 2011 10:00:38 am Colin Percival wrote:
> > Author: cperciva
> > Date: Fri Dec 23 15:00:37 2011
> > New Revision: 228843
> > URL: http://svn.freebsd.org/changeset/base/228843
> >
> > Log:
> >   Fix a problem whereby a corrupt DNS record can cause named to crash. [11:06]
> >
> >   Add an API for alerting internal libc routines to the presence of
> >   "unsafe" paths post-chroot, and use it in ftpd. [11:07]
>
> Eh, the whole libc_dlopen() thing looks like a gross hack (and who came
> up with that weird symbol name for a public API????).  Is it really even
> needed given the other fix to have ftpd drop privilege before execing a
> helper program?  I guess the main reason I don't like it is it doesn't do
> anything to address the more general problem.  I would have expected instead
> something to restrict dlopen() entirely including from other libraries than
> just libc in certain circumstances.

At the very least if we feel that the libc_dlopen() thing is a temporary
band-aid, we should move the new symbols into the private namespace so we can
remove them once the better fix is in rather than being required to support
them forever.

-- 
John Baldwin
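
The scope limit discussed in this message, as an added example (not code from the FreeBSD commit or from either author): a one-way "restricted mode" latch that guards only the callers routed through a wrapper, while a direct dlopen() from any other library is unaffected. The names enter_restricted_mode, guarded_dlopen and third_party_load are hypothetical.

```c
#include <dlfcn.h>
#include <stdatomic.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical one-way latch: set once the process has chroot()ed into a
 * directory whose contents it does not trust. */
static atomic_int restricted_mode;

void enter_restricted_mode(void)
{
    atomic_store(&restricted_mode, 1);  /* deliberately no way to clear it */
}

/* What library-internal callers would use in place of dlopen(). */
void *guarded_dlopen(const char *path, int mode)
{
    if (atomic_load(&restricted_mode))
        return NULL;                    /* refuse to load anything post-chroot */
    return dlopen(path, mode);
}

/* Stand-in for code in some other library that calls dlopen() directly
 * and therefore never consults the latch. */
void *third_party_load(const char *path)
{
    return dlopen(path, RTLD_LAZY);
}

int main(void)
{
    /* A NULL path asks for a handle to the running program itself, so the
     * demonstration needs no shared object on disk. */
    void *before = guarded_dlopen(NULL, RTLD_LAZY);
    enter_restricted_mode();
    void *after = guarded_dlopen(NULL, RTLD_LAZY);
    void *bypass = third_party_load(NULL);

    printf("guarded, before latch: %s\n", before ? "loaded" : "refused");
    printf("guarded, after latch:  %s\n", after ? "loaded" : "refused");
    printf("direct dlopen, after:  %s\n", bypass ? "loaded" : "refused");
    return 0;
}
```

Covering the direct call as well would need enforcement inside the dynamic loader rather than in a wrapper that callers opt into.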