From owner-freebsd-emulation@FreeBSD.ORG  Mon Nov 26 21:24:21 2012
Return-Path: <owner-freebsd-emulation@FreeBSD.ORG>
Delivered-To: freebsd-emulation@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
 by hub.freebsd.org (Postfix) with ESMTP id E32219B3
 for <freebsd-emulation@freebsd.org>; Mon, 26 Nov 2012 21:24:21 +0000 (UTC)
 (envelope-from freebsd-emulation@m.gmane.org)
Received: from plane.gmane.org (plane.gmane.org [80.91.229.3])
 by mx1.freebsd.org (Postfix) with ESMTP id 966B18FC12
 for <freebsd-emulation@freebsd.org>; Mon, 26 Nov 2012 21:24:21 +0000 (UTC)
Received: from list by plane.gmane.org with local (Exim 4.69)
 (envelope-from <freebsd-emulation@m.gmane.org>) id 1Td6AI-0005W7-8Z
 for freebsd-emulation@freebsd.org; Mon, 26 Nov 2012 22:24:30 +0100
Received: from l.saper.info ([91.121.203.103])
 by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
 id 1AlnuQ-0007hv-00
 for <freebsd-emulation@freebsd.org>; Mon, 26 Nov 2012 22:24:30 +0100
Received: from saper by l.saper.info with local (Gmexim 0.1 (Debian))
 id 1AlnuQ-0007hv-00
 for <freebsd-emulation@freebsd.org>; Mon, 26 Nov 2012 22:24:30 +0100
X-Injected-Via-Gmane: http://gmane.org/
To: freebsd-emulation@freebsd.org
From: Marcin Cieslak <saper@saper.info>
Subject: Re: kern/21463: [linux] Linux compatability mode should not allow
 setuid programs
Date: Mon, 26 Nov 2012 21:24:08 +0000 (UTC)
Organization: http://saper.info
Lines: 10
Message-ID: <slrnkb7nfq.1cg.saper@saper.info>
References: <201109240413.p8O4DVK2076291@freefall.freebsd.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: l.saper.info
User-Agent: slrn/0.9.9p1 (FreeBSD)
X-BeenThere: freebsd-emulation@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Development of Emulators of other operating systems
 <freebsd-emulation.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-emulation>, 
 <mailto:freebsd-emulation-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-emulation>
List-Post: <mailto:freebsd-emulation@freebsd.org>
List-Help: <mailto:freebsd-emulation-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-emulation>, 
 <mailto:freebsd-emulation-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Nov 2012 21:24:22 -0000

We implement AT_UID and AT_GID process auxillary vector
(procstat -x) elements so at least userland library
(such as glibc) has a possibility to enter "secure mode"
on startup.

Not sure if there is anything we can do more (except
for disabling the feature altogether) to tell userland
to be careful.

//Marcin