Date: Fri, 23 Dec 2011 10:58:46 -0500 From: John Baldwin <jhb@freebsd.org> To: Colin Percival <cperciva@freebsd.org> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r228843 - head/contrib/telnet/libtelnet head/crypto/heimdal/appl/telnet/libtelnet head/include head/lib/libc/gen head/lib/libc/iconv head/lib/libc/include head/lib/libc/net head/libexec... Message-ID: <201112231058.46642.jhb@freebsd.org> In-Reply-To: <201112231500.pBNF0c0O071712@svn.freebsd.org> References: <201112231500.pBNF0c0O071712@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Friday, December 23, 2011 10:00:38 am Colin Percival wrote: > Author: cperciva > Date: Fri Dec 23 15:00:37 2011 > New Revision: 228843 > URL: http://svn.freebsd.org/changeset/base/228843 > > Log: > Fix a problem whereby a corrupt DNS record can cause named to crash. [11:06] > > Add an API for alerting internal libc routines to the presence of > "unsafe" paths post-chroot, and use it in ftpd. [11:07] Eh, the whole libc_dlopen() thing looks like a gross hack (and who came up with that weird symbol name for a public API????). Is it really even needed given the other fix to have ftpd drop privilege before execing a helper program? I guess the main reason I don't like it is it doesn't do anything to address the more general problem. I would have expected instead something to restrict dlopen() entirely including from other libraries than just libc in certain circumstances. -- John Baldwin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201112231058.46642.jhb>