Date: Wed, 05 Feb 1997 14:11:36 -0800 From: David Greenman <dg@root.com> To: tqbf@enteract.com Cc: freebsd-security@FreeBSD.ORG Subject: Re: While we're on the subject... Message-ID: <199702052211.OAA11478@root.com> In-Reply-To: Your message of "Wed, 05 Feb 1997 14:42:07 CST." <199702052042.OAA27560@enteract.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>OpenBSD has the locale issue resolved reliably already. > >OpenBSD supports issetugid(). > >Thus, I can tell, even when I'm deep in libc, if I was called from an SUID >program. I can do that because execve() flipped a bit in my proc structure >when it noticed that I was SUID. > >This is a good thing. > >Meaningless UID checks probably aren't. Anything could have happened to my >creds, depending on the programmer calling the library, and I have no way >of determining what happened. > >What's holding FreeBSD up on supporting issetugid()? It might not be a sufficient interface to solve the problem, but it is being considered and will likely be implemented once we get beyond this current mess. -DG David Greenman Core-team/Principal Architect, The FreeBSD Project
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702052211.OAA11478>