Date: Wed, 17 Nov 1999 21:57:10 +0100 (CET) From: Oliver Fromme <olli@dorifer.heim3.tu-clausthal.de> To: freebsd-current@FreeBSD.ORG Subject: Re: PATCH for testing Message-ID: <199911172057.VAA06032@dorifer.heim3.tu-clausthal.de>
next in thread | raw e-mail | index | archive | help
Julian Elischer wrote in list.freebsd-current:
> On Wed, 17 Nov 1999, Oliver Fromme wrote:
> > Adam Wight wrote in list.freebsd-current:
> > > x I like the -e option when I'm root and trying to debug things. I
> > > x think that peter's fix seems to be ideal. You can find out about your
> > > x own uid, but no one else's unless you are root.
> > >
> > > I agree, but anything that runs suid has to be excluded as well.
> >
> > FWIW, I'd be against removing or restricting -e at all.
> >
> > Programs that put sensitive data into environment variables
> > (or expect the user to do that) are just _broken_. Removing
> > or restricting the -e option encourages such brokenness.
> >
> > Just my 0.02 Euro.
>
> since the environment is supposed to be part of the address space
> it is ssupposed to be private..
But it is not, and programmers should be aware of it.
On all platforms on which I regularly work (*BSD, Solaris,
DEC UNIX a.k.a Tru64) the environments of all processes are
public.
Regards
Oliver
--
Oliver Fromme, Leibnizstr. 18/61, 38678 Clausthal, Germany
(Info: finger userinfo:olli@dorifer.heim3.tu-clausthal.de)
"In jedem Stück Kohle wartet ein Diamant auf seine Geburt"
(Terry Pratchett)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199911172057.VAA06032>