From owner-cvs-all  Tue Apr 23  9:15:59 2002
Delivered-To: cvs-all@freebsd.org
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by hub.freebsd.org (Postfix) with ESMTP
	id A823237B404; Tue, 23 Apr 2002 09:15:54 -0700 (PDT)
Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3])
	by fledge.watson.org (8.11.6/8.11.6) with SMTP id g3NGFhw88191;
	Tue, 23 Apr 2002 12:15:44 -0400 (EDT)
	(envelope-from robert@fledge.watson.org)
Date: Tue, 23 Apr 2002 12:15:43 -0400 (EDT)
From: Robert Watson <rwatson@FreeBSD.org>
X-Sender: robert@fledge.watson.org
To: Mike Barcroft <mike@FreeBSD.org>
Cc: "M. Warner Losh" <imp@village.org>, nectar@FreeBSD.org,
	phk@critter.freebsd.dk, wollman@lcs.mit.edu,
	cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/kern kern_descrip.c kern_exec.c src/sys/sys filedesc.h
In-Reply-To: <20020423120949.G72727@espresso.q9media.com>
Message-ID: <Pine.NEB.3.96L.1020423121418.55944G-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG


On Tue, 23 Apr 2002, Mike Barcroft wrote:

> Again, I don't mind this being a kernel option.  Even if it's turned on
> by default, or we use a reverse kernel option to turn it off. 
> 
> A user should be able to choose the security policy of his/her system. 
> If that means one has to add `option POSIX_SETUGID_HANDLING', that's
> fine, but to force a security policy down a user's throat, I think, is
> wrong.  This applies to Robert's comments as well. 

Sounds fine to me, although it does raise the spectre of bit rot. 
However, that will be a new feature, rather than an existing one, since a
state of POSIX compliance for the exec of setugid applications hasn't
existed {for a long time, ever}. :-)  A few #ifndef
POSIX_SETUGID_HANDLING's won't hurt, and will nicely match the
POSIX-related confusion in kern_prot.c.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Project
robert@fledge.watson.org      NAI Labs, Safeport Network Services



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message