From owner-freebsd-arch  Thu Feb 15 13:23:21 2001
Delivered-To: freebsd-arch@freebsd.org
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by hub.freebsd.org (Postfix) with ESMTP
	id 3A58F37B4EC; Thu, 15 Feb 2001 13:23:17 -0800 (PST)
Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3])
	by fledge.watson.org (8.11.1/8.11.1) with SMTP id f1FLNFh46547;
	Thu, 15 Feb 2001 16:23:16 -0500 (EST)
	(envelope-from robert@fledge.watson.org)
Date: Thu, 15 Feb 2001 16:23:15 -0500 (EST)
From: Robert Watson <rwatson@FreeBSD.org>
X-Sender: robert@fledge.watson.org
To: Ruslan Ermilov <ru@FreeBSD.org>
Cc: arch@FreeBSD.org
Subject: Re: [Call for *quick* review] architecture-specific manpages
In-Reply-To: <20010215211404.A44780@sunbay.com>
Message-ID: <Pine.NEB.3.96L.1010215161901.45974A-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Thu, 15 Feb 2001, Ruslan Ermilov wrote:

> The attached patch implements one nice feature of original BSD man(1),
> to look into the machine-specific subdirectory, specifically:
> 
> : As some manual pages are intended only for specific architectures,
> : man searches any subdirectories, with the same name as the current
> : architecture, in every directory which it searches.  Machine specific
> : areas are checked before general areas.  The current machine type may
> : be overridden by setting the environment variable MACHINE to the name
> : of a specific architecture.
> 
> This would eliminate the need to MLINK every arch-specific file to the
> parent directory, and would allow us to have both architecture-specific
> and generic manpages with the same name in the same section.

It's a good idea to check the results of calls like snprintf or you can
get truncation bugs.  I'd recommend you go pass these patches by -audit. 
Any time you have programs running with privilege of some sort (and yes,
setuid man or setgid man counts as privilege), you have to be *really*
careful.  These patches do not appear to be very careful at all, and they
seem to make heavy use of environmental variables in constructing strings. 

I'd personally feel a lot more comfortable with all this if we'd simply
remove the setuid/setgid man'ness of man, and either pre-generate cached
pages as appropriate, or simply eschew caching, given the speed of modern
machines. 

Robert N M Watson             FreeBSD Core Team, TrustedBSD Project
robert@fledge.watson.org      NAI Labs, Safeport Network Services




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message