Date: Wed, 5 Feb 1997 14:42:07 -0600 (CST) From: "Thomas H. Ptacek" <tqbf@enteract.com> To: freebsd-security@freebsd.org Subject: While we're on the subject... Message-ID: <199702052042.OAA27560@enteract.com>
next in thread | raw e-mail | index | archive | help
OpenBSD has the locale issue resolved reliably already. OpenBSD supports issetugid(). Thus, I can tell, even when I'm deep in libc, if I was called from an SUID program. I can do that because execve() flipped a bit in my proc structure when it noticed that I was SUID. This is a good thing. Meaningless UID checks probably aren't. Anything could have happened to my creds, depending on the programmer calling the library, and I have no way of determining what happened. What's holding FreeBSD up on supporting issetugid()? ---------------- Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com] ---------------- "I'm standing alone, I'm watching you all, I'm seeing you sinking."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702052042.OAA27560>