Date: Thu, 27 Jul 2000 16:59:32 +0200 From: Mark Huizer <freebsd@dohd.cx> To: John Polstra <jdp@FreeBSD.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sbin/ldconfig elfhints.c ldconfig.8 ldconfig.c Message-ID: <20000727165932.A6878@dohd.cx> In-Reply-To: <200007260447.VAA44122@freefall.freebsd.org>; from jdp@FreeBSD.org on Tue, Jul 25, 2000 at 09:47:17PM -0700 References: <200007260447.VAA44122@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jul 25, 2000 at 09:47:17PM -0700, John Polstra wrote: > jdp 2000/07/25 21:47:17 PDT > > Modified files: > sbin/ldconfig elfhints.c ldconfig.8 ldconfig.c > Log: > If a directory is world-writable or is not owned by root, skip it > and emit a warning. This is a security measure since ldconfig > influences the shared libraries used by all programs. > > I think the check should be made even more stringent by also > ignoring group-writable directories. I will make that change soon > unless we encounter a good reason not to do it. > > Submitted by: Maxime Henrion <mhenrion@cybercable.fr> group-writable is a bad thing I'd say. We have machines with a /usr/local and /usr/exp writable for groupmembers of local and exp. The people in local are trusted enough to install libs in /usr/local/lib. So it's group writable. Mark -- Nice testing in little China... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000727165932.A6878>