Date: Fri, 14 Dec 2001 14:43:52 +0200
From: Ruslan Ermilov <ru@FreeBSD.org>
To: Robert Watson <rwatson@FreeBSD.org>
Cc: Greg Lehey <grog@FreeBSD.org>, Garance A Drosihn <drosih@rpi.edu>, Peter Wemm <peter@wemm.org>, Nik Clayton <nik@FreeBSD.org>, Warner Losh <imp@harmony.village.org>, ache@FreeBSD.org, freebsd-arch@FreeBSD.org
Subject: Re: Changing 'man' to check alternate destination for 'cat' pages
Message-ID: <20011214144352.A71966@sunbay.com>
In-Reply-To: <Pine.NEB.3.96L.1011214052132.74588S-100000@fledge.watson.org>
References: <20011214101857.C35094@sunbay.com> <Pine.NEB.3.96L.1011214052132.74588S-100000@fledge.watson.org>

On Fri, Dec 14, 2001 at 05:27:49AM -0500, Robert Watson wrote:
>
> On Fri, 14 Dec 2001, Ruslan Ermilov wrote:
>
> > Just having a CATMAN envariable is not enough, this would break many
> > things. There are hosts on which people use different locales
> > simultaneously. Look at how the usr/share/man/en.ISO8859-1 is organized
> > nowadays, and realize why, while sharing the man? directories with the
> > .., it has its own cat? directories.
>
> Not to mention the security issues -- the one nice thing about the
> hard-coded catman right now is that it greatly limits the scope for damage
> from a setuid man. I'm not entirely opposed to the notion of configuring
> its location in /etc/man.conf or something, but agree that a run-time
> user-tunable version of the same would be worrying. Even leaving aside
> the more serious attacks, imagine for a moment what would happen if
> arbitrary users could tweak the contents of arbitrary .8 man pages :-).
>
> > The "cat" feature of man(1) is insecure, and is probably going to be
> > nuked after a release of 4.5.
>
> Great! I've been hoping for that for years. :-)
>
Can I take it as an approval from core@ or security-officer@ team,
both of which you are a member of? :-)

Cheers,
--
Ruslan Ermilov      Oracle Developer/DBA,
ru@sunbay.com       Sunbay Software AG,
ru@FreeBSD.org      FreeBSD committer,
+380.652.512.251    Simferopol, Ukraine

http://www.FreeBSD.org    The Power To Serve
http://www.oracle.com     Enabling The Information Age

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message