From owner-cvs-lib Mon Mar 24 07:29:23 1997
Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id HAA13508 for cvs-lib-outgoing; Mon, 24 Mar 1997 07:29:23 -0800 (PST)
Received: from rover.village.org (rover.village.org [204.144.255.49]) by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id HAA13222; Mon, 24 Mar 1997 07:25:55 -0800 (PST)
Received: from rover.village.org [127.0.0.1] by rover.village.org with esmtp (Exim 0.56 #1) id E0w9BaA-00057e-00; Mon, 24 Mar 1997 08:22:46 -0700
To: Андрей Чернов
Subject: Re: cvs commit: src/lib/libc/stdtime localtime.c
Cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-lib@freefall.freebsd.org
In-reply-to: Your message of "Mon, 24 Mar 1997 16:28:41 +0300."
Date: Mon, 24 Mar 1997 08:22:46 -0700
From: Warner Losh
Sender: owner-cvs-lib@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

In message Андрей Чернов writes:
: You can't determine setuid without issetuid() syscall implementing, so
: this change gives only false sense of security. Privileges can be
: dropped before the moment you check them using getuid()/geteuid() and
: restored back to suid after your check, so your check gains nothing.

If privs are dropped, then my check is still valid. I think this is
acceptable. Since if the privs are dropped, the user is running
normal, there is no need for this check which just prevents people
from reading files they otherwise shouldn't be reading.

Warner
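
The case the two posters disagree about, as an added example that is not part of the thread or of FreeBSD's localtime.c: a getuid()/geteuid() comparison next to one that also looks at the saved IDs, which is where a temporarily dropped privilege remains visible. It assumes getresuid()/getresgid() (available on Linux and FreeBSD); the struct, the function names and the sample IDs are constructed for illustration.

```c
#define _GNU_SOURCE             /* getresuid()/getresgid() on glibc */
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Credential snapshot; the type and field names are this example's own. */
struct cred_ids { uid_t ruid, euid, suid; gid_t rgid, egid, sgid; };

/* The check debated in the thread: real vs. effective IDs only. */
static bool naive_is_privileged(const struct cred_ids *c)
{
    return c->ruid != c->euid || c->rgid != c->egid;
}

/* Also compares the saved IDs, so a temporary drop (effective ID set back
 * to the real one while the saved ID keeps the privileged one) still counts. */
static bool strict_is_privileged(const struct cred_ids *c)
{
    return naive_is_privileged(c) || c->suid != c->ruid || c->sgid != c->rgid;
}

/* Fill the snapshot from the running process; returns 0 on success. */
static int current_ids(struct cred_ids *c)
{
    if (getresuid(&c->ruid, &c->euid, &c->suid) != 0)
        return -1;
    return getresgid(&c->rgid, &c->egid, &c->sgid);
}

/* Gate for a caller-influenced file name: honour it only when the process
 * holds no extra privilege. Fails closed if the IDs cannot be read. */
static bool may_use_untrusted_path(void)
{
    struct cred_ids c;
    return current_ids(&c) == 0 && !strict_is_privileged(&c);
}

int main(void)
{
    /* Constructed IDs: setuid-root binary run by uid 1000 after seteuid(1000). */
    struct cred_ids dropped = { 1000, 1000, 0, 1000, 1000, 1000 };
    printf("temporary drop: naive=%d strict=%d\n",
           naive_is_privileged(&dropped), strict_is_privileged(&dropped));
    printf("this process may use untrusted path: %d\n", may_use_untrusted_path());
    return 0;
}
```

The saved-ID comparison only covers a drop that can still be reversed; it is not the kernel-tracked setuid flag that the quoted objection asks for.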