From owner-freebsd-hackers Mon Aug 24 13:14:26 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA28841 for freebsd-hackers-outgoing; Mon, 24 Aug 1998 13:14:26 -0700 (PDT) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from zippy.dyn.ml.org (kenya-155.ppp.hooked.net [206.169.227.155]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA28834 for ; Mon, 24 Aug 1998 13:14:23 -0700 (PDT) (envelope-from garbanzo@hooked.net) Received: from localhost (garbanzo@localhost) by zippy.dyn.ml.org (8.9.1/8.8.8) with SMTP id NAA12703; Mon, 24 Aug 1998 13:14:48 -0700 (PDT) (envelope-from garbanzo@hooked.net) X-Authentication-Warning: zippy.dyn.ml.org: garbanzo owned process doing -bs Date: Mon, 24 Aug 1998 13:14:47 -0700 (PDT) From: Alex X-Sender: garbanzo@zippy.dyn.ml.org To: Robert Watson cc: David Kirchner , "B. Richardson" , hackers@FreeBSD.ORG Subject: Re: I want to break binary compatibility. In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, 24 Aug 1998, Robert Watson wrote: > > Or, alternatively, just a file system flag "approved" that indicates a > binary has been approved for execution by the system operator. This would > be default set on installed binaries, but could only be added by uid 0 (or > gid 0 or something). > > However, this runs into the problem of shared libraries -- as long as > LD_LIBRARY_PATH exists, the possibility of running user-specified code > also exists. This also doesn't help you if the bugs are in existing code > (that is, in sperl :). Yes, but one could easily hardcode LD_LIBRARY_PATH to search /usr/lib or whatever first. - alex To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message