Date: Sat, 22 Apr 1995 00:31:34 +1000
From: Bruce Evans <bde@zeta.org.au>
To: erandall@muffit.reo.dec.com, freebsd-security@FreeBSD.org
Subject: Re: Call for remove setr[ug]id() and setre[ug]id() from libc
Message-ID: <199504211431.AAA23449@godzilla.zeta.org.au>

>Exactly which functions are you planning to remove :
>and from where ?

setruid     remove (library)
setreuid    remove (library)
setrgid     remove (library)
setregid    remove (library)
osetreuid   ? (syscall)
osetregid   ? (syscall)
seteuid     keep? (syscall)
setegid     keep? (syscall)

>Please be aware that if you simply remove something, you will most likely
>prevent various (unknown) applications from compiling.

This is really the point. If the applications expect 4.3BSD semantics
then they may not work right with 4.4BSD semantics. They need to be
checked for new security holes, and the compatibility functions can
easily be replaced as part of the checking.

>Wouldn't it be better to FIX these functions to match the POSIX standard, and
>patch up the security holes ? POSIX compliance has surely to be the goal, and
>removing any POSIX functions altogether will miss the target as surely as if
>the functions are broken.

All of these functions are outside the POSIX standard.

Bruce