From owner-freebsd-security Wed Feb 5 12:43:03 1997
Return-Path:
Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id MAA10262 for security-outgoing; Wed, 5 Feb 1997 12:43:03 -0800 (PST)
Received: from enteract.com (root@enteract.com [206.54.252.1]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id MAA10246 for ; Wed, 5 Feb 1997 12:42:51 -0800 (PST)
Received: (from tqbf@localhost) by enteract.com (8.8.5/8.7.6) id OAA27560 for freebsd-security@freebsd.org; Wed, 5 Feb 1997 14:42:50 -0600 (CST)
From: "Thomas H. Ptacek"
Message-Id: <199702052042.OAA27560@enteract.com>
Subject: While we're on the subject...
To: freebsd-security@freebsd.org
Date: Wed, 5 Feb 1997 14:42:07 -0600 (CST)
Reply-To: tqbf@enteract.com
X-Mailer: ELM [version 2.4 PL24 ME8a]
Content-Type: text
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

OpenBSD has the locale issue resolved reliably already. OpenBSD supports issetugid(). Thus, I can tell, even when I'm deep in libc, if I was called from an SUID program. I can do that because execve() flipped a bit in my proc structure when it noticed that I was SUID.

This is a good thing. Meaningless UID checks probably aren't. Anything could have happened to my creds, depending on the programmer calling the library, and I have no way of determining what happened.

What's holding FreeBSD up on supporting issetugid()?

----------------
Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com]
----------------
"I'm standing alone, I'm watching you all, I'm seeing you sinking."
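
Added example, not part of the original message and not OpenBSD or FreeBSD code: a simplified user-space model in C of the difference described above between a UID comparison and a bit set by execve(). All names (model_proc, model_execve, model_setuid, locale_dir, DEFAULT_DIR) and the sample paths are hypothetical, and the credential rules are reduced to the one case shown.

```c
#include <stdio.h>
#include <string.h>
#define DEFAULT_DIR "/example/default/locale" /* constructed placeholder path */

/* Simplified user-space model of process credentials; not kernel code. */
struct model_proc {
    unsigned ruid, euid; /* real and effective UID */
    int sugid;           /* bit set by execve() for a set-user-ID image */
};

/* execve() of a set-user-ID file: mark the process and switch euid. */
static void model_execve(struct model_proc *p, unsigned owner, int setuid_bit)
{
    p->sugid = setuid_bit && p->euid != owner;
    if (p->sugid)
        p->euid = owner;
}

/* setuid() by the program itself: credentials change, the mark stays. */
static int model_setuid(struct model_proc *p, unsigned uid)
{
    if (p->euid != 0 && uid != p->ruid) return -1; /* unprivileged caller */
    p->ruid = p->euid = uid;
    return 0;
}

/* The two checks a library could make; nonzero means "do not trust the user". */
static int uid_check(const struct model_proc *p) { return p->ruid != p->euid; }
static int issetugid_check(const struct model_proc *p) { return p->sugid; }

/* Library decision: honour an environment override only when untainted. */
static const char *locale_dir(int tainted, const char *env_override)
{
    return (!tainted && env_override) ? env_override : DEFAULT_DIR;
}

/* uid 1000 runs a set-user-ID root program, which then calls setuid(0). */
static struct model_proc scenario(void)
{
    struct model_proc p = { 1000, 1000, 0 };
    model_execve(&p, 0, 1);
    model_setuid(&p, 0);
    return p;
}

int main(void)
{
    struct model_proc p = scenario();
    printf("uid check: %s\n", locale_dir(uid_check(&p), "/tmp/user-dir"));
    printf("issetugid: %s\n", locale_dir(issetugid_check(&p), "/tmp/user-dir"));
    return 0;
}
```

After the program's own setuid(0) call the real and effective UIDs match, so the UID comparison accepts the user-supplied directory, while the execve-time bit still selects the default.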