From owner-cvs-all  Fri Apr 19  4:36:19 2002
Delivered-To: cvs-all@freebsd.org
Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163])
	by hub.freebsd.org (Postfix) with ESMTP
	id 1AE6A37B416; Fri, 19 Apr 2002 04:36:14 -0700 (PDT)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
	by critter.freebsd.dk (8.12.2/8.12.2) with ESMTP id g3JBZvHx011658;
	Fri, 19 Apr 2002 13:36:02 +0200 (CEST)
	(envelope-from phk@critter.freebsd.dk)
To: Brian Somers <brian@freebsd-services.com>
Cc: Garrett Wollman <wollman@lcs.mit.edu>,
	"J. Mallett" <jmallett@FreeBSD.org>, cvs-committers@FreeBSD.org,
	cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/kern kern_descrip.c kern_exec.c src/sys/sys filedesc.h 
In-Reply-To: Your message of "Fri, 19 Apr 2002 12:25:12 BST."
             <200204191125.g3JBPCSg072782@hak.lan.Awfulhak.org> 
Date: Fri, 19 Apr 2002 13:35:57 +0200
Message-ID: <11657.1019216157@critter.freebsd.dk>
From: Poul-Henning Kamp <phk@critter.freebsd.dk>
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

In message <200204191125.g3JBPCSg072782@hak.lan.Awfulhak.org>, Brian Somers wri
tes:

>I agree with Garrett.  This change is *very* broken.
>
>[...]
>
>Agreed, a program that does this is broken, but I believe the program 
>needs to be fixed, not the kernel.

While I agree that this change is not quite orthodox, I don't think
we can educate the masses of lousy programmers out there to not
do stupid things any time soon.

I can't think of any programs that will break as a result of this,
in particular I cannot think of any setuid programs which it will
break.

OpenBSD has done this for a couple of years, and that hasn't rid us
of Theo so it obviously is not a total catastrophy.

Finally, since this has not been discussed on any lists, I would
expect this to be in reponse to some tangible threat, (most likely
somewhere in ports ?)  so we probably don't have much of a choice
anyway.

So can we avoid giving our security-officer a hard time for doing
his job ?  Please ?

Thankyou!

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message