Date: Thu, 4 Jan 2001 17:20:05 -0500
From: Will Andrews <will@physics.purdue.edu>
To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Cc: current@FreeBSD.org
Subject: Re: cvs commit: src/usr.bin/apply apply.c
Message-ID: <20010104172004.P86630@argon.firepipe.net>
In-Reply-To: <200101041909.OAA61522@khavrinen.lcs.mit.edu>; from wollman@khavrinen.lcs.mit.edu on Thu, Jan 04, 2001 at 02:09:53PM -0500
References: <200101041905.f04J5ou82617@freefall.freebsd.org> <200101041909.OAA61522@khavrinen.lcs.mit.edu>

On Thu, Jan 04, 2001 at 02:09:53PM -0500, Garrett Wollman wrote:
> What is the reason for this change?

Paranoia. There's nothing wrong with a little extra paranoia in case
someone tries to use apply(1) through suidperl on a web interface.
Granted, it's not likely to happen, but you never know.

> I see no benefit in modifying many programs in this manner which do
> not ordinarily run with elevated privileges.

I do; FreeBSD's reputation for security. There's nothing like having
some confidence in the OS.

> It is the responsibility of those programs that do, to ensure that the
> environment passed to their children is safe and sane.

So what? Not that many people consider security concerns, let alone
write them. What, exactly, are we trading off by making apply(1) a bit
more paranoid? A couple extra cpu cycles? Maybe you haven't noticed,
but these days there's almost nobody still using 100MHz chips. And out
of the ones that do, how many will use apply(1) more than once or twice
in the lifetime of the machine?

I think such logic could be applied to most usr.bin and probably other
parts of the tree.

--
wca

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message