Date: Fri, 21 Apr 95 8:46:57 WET DST
From: erandall@muffit.reo.dec.com (Ed Randall)
To: freebsd-security@FreeBSD.org
Subject: Re: Call for remove setr[ug]id() and setre[ug]id() from libc
Message-ID: <9504210746.AA22703@muffit.reo.dec.com>
In-Reply-To: <tPZVfbladA@astral.msk.su>; from "Andrey A. Chernov, Black Mage" at Apr 20, 95 9:20 pm

Andrey A. Chernov, Black Mage writes:
>
> In message <OH5bMbl8U5@astral.msk.su> Andrey A. Chernov writes:
>
> >I vote for removing these functions completely from library
> >sources, it is only one safe variant, if we can't implement
> >them in 100%.
>
> More info:
> osetreuid/osetregid syscalls check arguments in the same
> way that lib function does, and they are only a little bit safe,
> because testing of s[rg]id independs of place calling.
>
> They both can't be implemented, they are violation of POSIX,
> so I prefer to remove them to not make security hole.
> If none object, I'll commit the change.

Hi,

Exactly which functions are you planning to remove:

    setruid
    setreuid
    setrgid
    setregid
    osetreuid
    osetregid

and from where?

Please be aware that if you simply remove something, you will most
likely prevent various (unknown) applications from compiling.

Wouldn't it be better to FIX these functions to match the POSIX
standard, and patch up the security holes?

POSIX compliance has surely to be the goal, and removing any POSIX
functions altogether will miss the target as surely as if the
functions are broken.

Regards,

Ed Randall

----
----------------------------------------------------------------------
Ed Randall    Digital Equipment Co.Ltd., Worton Grange, Reading
DECnet   : RDGENG::RANDALL
Internet : erandall@muffit.reo.dec.com
----------------------------------------------------------------------