Date:      Fri, 20 Aug 2010 11:14:27 +0200
From:      Dag-Erling Smørgrav <des@des.no>
To:        Attilio Rao <attilio@freebsd.org>
Cc:        svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
Subject:   Re: svn commit: r211393 - head/lib/libutil
Message-ID:  <861v9ty7bg.fsf@ds4.des.no>
In-Reply-To: <AANLkTi=vSxjTEToPyFZC_DwUPnTq4Sr-RoKRT7sJm+p=@mail.gmail.com> (Attilio Rao's message of "Thu, 19 Aug 2010 16:51:37 +0200")
References:  <201008161132.o7GBWKhx097183@svn.freebsd.org> <86mxsm4wff.fsf@ds4.des.no> <86bp924w3w.fsf@ds4.des.no> <AANLkTikVMVpM=E3x6i=zGnCqPrTis=kyA3PzhwotB=H0@mail.gmail.com> <8662z6r77w.fsf@ds4.des.no> <AANLkTi=vSxjTEToPyFZC_DwUPnTq4Sr-RoKRT7sJm+p=@mail.gmail.com>

Attilio Rao <attilio@freebsd.org> writes:
> Dag-Erling Smørgrav <des@des.no> writes:
> > Perhaps the test in setusercontext() should be changed to use
> > geteuid() instead of getuid().
> Yes, I think that it probably makes more sense (geteuid() testing in
> setusercontext()).

What if the user's ~/.login_conf sets a custom PATH, and the application
switches back to root privs and fork()-exec()s some other program?

DES
-- 
Dag-Erling Smørgrav - des@des.no
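
The concern raised in this message, sketched as an added example that is not part of the original e-mail or of libutil: a program that regains root after a user-supplied PATH has been applied can check and reset PATH before any fork()/exec*p(). The allow-listed directories, the function names and the sample PATH value are assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed allow-list of system directories; adjust per platform. */
#define TRUSTED_PATH "/sbin:/bin:/usr/sbin:/usr/bin"
static const char *const trusted_dirs[] = { "/sbin", "/bin", "/usr/sbin", "/usr/bin" };

/* Returns 1 if every PATH component is an allow-listed directory, else 0.
 * An empty component (current directory) or a user directory fails. */
int path_is_trusted(const char *path)
{
    if (path == NULL)
        return 0;
    for (const char *p = path;;) {
        size_t len = strcspn(p, ":");
        int ok = 0;
        for (size_t i = 0; i < sizeof(trusted_dirs) / sizeof(trusted_dirs[0]); i++)
            if (strlen(trusted_dirs[i]) == len && memcmp(p, trusted_dirs[i], len) == 0)
                ok = 1;
        if (!ok)
            return 0;
        if (p[len] == '\0')
            return 1;
        p += len + 1;
    }
}

/* Call after regaining privileges and before any fork()/exec*p().
 * Returns 1 if PATH was replaced, 0 if already trusted, -1 on error. */
int reset_path_for_exec(void)
{
    if (path_is_trusted(getenv("PATH")))
        return 0;
    return setenv("PATH", TRUSTED_PATH, 1) == 0 ? 1 : -1;
}

int main(void)
{
    /* Constructed value standing in for a PATH taken from ~/.login_conf. */
    setenv("PATH", "/home/alice/bin:/usr/bin", 1);
    printf("before: trusted=%d\n", path_is_trusted(getenv("PATH")));
    int changed = reset_path_for_exec();
    printf("reset=%d PATH=%s\n", changed, getenv("PATH"));
    return 0;
}
```

Executing helpers by absolute path with execve() and an explicitly built environment avoids the PATH lookup altogether.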