Date: Thu, 27 Jul 2000 21:39:09 -0700 (PDT) From: John Polstra <jdp@polstra.com> To: arch@FreeBSD.ORG Cc: rwatson@FreeBSD.ORG Subject: Re: How much security should ldconfig enforce? Message-ID: <200007280439.VAA25171@vashon.polstra.com> In-Reply-To: <Pine.NEB.3.96L.1000727111119.93015D-100000@fledge.watson.org> References: <Pine.NEB.3.96L.1000727111119.93015D-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <Pine.NEB.3.96L.1000727111119.93015D-100000@fledge.watson.org>, Robert Watson <rwatson@FreeBSD.ORG> wrote: > I would support either the "revert" or (3) option, but definitely > not support this being a compile-time flag. Don't worry, it isn't going to be a compile-time flag. :-) > So my preference here is: permissions and ownership in the base > install are fine. The default compile (and preferably install) > should allow users to include group-writable shared library paths, > if not world-writable paths. One thing to consider is that the hints file is only writable by root. In fact, ldconfig sets it to mode 444 every time it updates it. So your average user can't even _run_ ldconfig in any mode except to list the existing hints file. Allowing group-writable shared library directories is useless for adding new directories because you still have to persuade root to run the ldconfig command for you. OTOH, if ldconfig has already been run then you can add new files to an existing directory without rerunning ldconfig. (That's specific to ELF. It won't work for a.out.) Does this change your opinion? John -- John Polstra jdp@polstra.com John D. Polstra & Co., Inc. Seattle, Washington USA "Disappointment is a good sign of basic intelligence." -- Chögyam Trungpa To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200007280439.VAA25171>