Date:      6 Feb 1997 09:19:38 GMT
From:      peter@spinner.DIALix.COM (Peter Wemm)
To:        freebsd-security@freebsd.org
Subject:   Re: While we're on the subject...
Message-ID:  <855220778.617480@haywire.DIALix.COM>
References:  <199702052042.OAA27560@enteract.com>

In article <199702052248.OAA18949@freefall.freebsd.org>,
	avalon@coombs.anu.edu.au (Darren Reed) writes:
> In some mail from Thomas H. Ptacek, sie said:
>> 
>> OpenBSD has the locale issue resolved reliably already.
>> 
>> OpenBSD supports issetugid().
>> 
>> Thus, I can tell, even when I'm deep in libc, if I was called from an SUID
>> program. I can do that because execve() flipped a bit in my proc structure
>> when it noticed that I was SUID.
>> 
>> This is a good thing. 
>> 
>> Meaningless UID checks probably aren't. Anything could have happened to my
>> creds, depending on the programmer calling the library, and I have no way
>> of determining what happened. 
>> 
>> What's holding FreeBSD up on supporting issetugid()? 
> 
> Has anyone done a send-pr to send it to freebsd ?

I've been running with a version of it for what seems like 6 months now, but
my version was tied in with fixes to the P_SUGID flag rather than create
a new flag.

-Peter
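
An added example, not code from this thread or from FreeBSD or OpenBSD: a library routine that uses the exec-time flag discussed above to decide whether an environment override may be trusted, shown beside the credential comparison the quoted text calls meaningless. `lib_locale_dir`, `EXAMPLE_LOCALE_DIR` and the default path are hypothetical, and the Linux branch using `getauxval(AT_SECURE)` is an assumed stand-in for systems without `issetugid()`.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#if defined(__linux__)
#include <sys/auxv.h>   /* getauxval(AT_SECURE): assumed stand-in, not from the thread */
#endif

#define DEFAULT_LOCALE_DIR "/usr/share/locale"   /* constructed default */

/* Exec-time answer: was this image started set-uid or set-gid?
 * Stays true even if the program later changes its credentials. */
static int exec_was_setid(void)
{
#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__APPLE__)
    return issetugid() != 0;
#elif defined(__linux__)
    return getauxval(AT_SECURE) != 0;
#else
    return 1;   /* cannot tell: fail closed and treat the process as tainted */
#endif
}

/* The credential comparison the thread calls meaningless: after the caller
 * runs setuid(geteuid()) the IDs match again and this returns 0. */
static int naive_ids_differ(void)
{
    return getuid() != geteuid() || getgid() != getegid();
}

/* Hypothetical library routine: honour an environment override only when
 * the process was not started set-id, and only for absolute paths. */
static const char *lib_locale_dir(void)
{
    const char *env;

    if (exec_was_setid())
        return DEFAULT_LOCALE_DIR;
    env = getenv("EXAMPLE_LOCALE_DIR");   /* hypothetical variable name */
    return (env != NULL && env[0] == '/') ? env : DEFAULT_LOCALE_DIR;
}

int main(void)
{
    printf("exec-time flag=%d naive=%d dir=%s\n",
           exec_was_setid(), naive_ids_differ(), lib_locale_dir());
    return 0;
}
```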
