From owner-freebsd-bugs Sat May 6 6:30:27 2000 Delivered-To: freebsd-bugs@freebsd.org Received: from aaz.links.ru (aaz.links.ru [193.125.152.37]) by hub.freebsd.org (Postfix) with ESMTP id 72F0337B9D7 for ; Sat, 6 May 2000 06:30:24 -0700 (PDT) (envelope-from babolo@links.ru) Received: (from babolo@localhost) by aaz.links.ru (8.9.3/8.9.3) id RAA28144; Sat, 6 May 2000 17:30:04 +0400 (MSD) Message-Id: <200005061330.RAA28144@aaz.links.ru> Subject: Re: bin/18373: security checs in userland programs (Was: pkg_delete shouldn't ... ) In-Reply-To: from "Nick Hibma" at "May 5, 0 09:59:12 am" To: n_hibma@calcaphon.com Date: Sat, 6 May 2000 17:30:02 +0400 (MSD) Cc: jin@george.lbl.gov, nbm@mithrandr.moria.org, freebsd-bugs@FreeBSD.ORG From: "Aleksandr A.Babaylov" MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Nick Hibma writes: > > If you have created a port at some stage you can see the point in > actually being able to install it in a different location. It _would_ > allow you to test a port on a machine (an Alpha for example) where you > do _not_ have access to a root login. > > I can clearly see Neal's point. And I think it is a valid one at that as > well. There no sense to check any security things in userland proggams at all. The main Neal's point (as for me) is that anybody can translate program for himself without any checks so there is no way to secure system in such a way and any such test is garbage only. -- @BABOLO http://links.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message