Date: Thu, 18 Oct 2007 15:04:52 +0300 From: Stefan Lambrev <stefan.lambrev@moneybookers.com> To: =?UTF-8?B?6Z+T5a625qiZIEJpbGwgSGFja2Vy?= <askbill@conducive.net> Cc: freebsd-current@freebsd.org Subject: Re: Broken su in current - trying to fix myself, help needed! Message-ID: <47174BE4.6020300@moneybookers.com> In-Reply-To: <471746C7.20306@conducive.net> References: <00bd01c810ec$10371230$0c00a8c0@Artem> <8cb6106e0710171143m3dff7546o457192ede76e6598@mail.gmail.com> <012c01c810f3$aafeecf0$0c00a8c0@Artem> <20071017193615.GO9006@server.vk2pj.dyndns.org> <471667DB.1010601@conducive.net> <47170FF1.3050602@moneybookers.com> <471746C7.20306@conducive.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Bill, =E9=9F=93=E5=AE=B6=E6=A8=99 Bill Hacker wrote: > Stefan Lambrev wrote: >> Hi, >> > *snip* > >>> I will not be surprised if it occurs when building as an 'ordinary=20 >>> user' and does NOT occur when building as root.... >>> >>> BNL (BSD's Not Linux).... >>> > >> I see something similar on all ports that have OPTIONS (make config). >> Here is example (do this as user member of wheel, but not root): >> > > Stop right there. '..NOT root'?? > > Why would I DO that? You can do this by mistake for example. When you have 10 terminals=20 sometimes you did not pay enough attention are you root or not Also you may want only to "read" what is the last configuration of a=20 port using: make config (not configure!) and for this you do not have to be root( see permitions of /var/db/ports/= ) Also it's a nice feature in FreeBSD ports, so I really do not know why=20 not to use it, as it's a feature, but not a bug. Anyway why or why not does not matter. The only think that matter is that doing this trigger the bug in "su". Bug that does not exist in 6.2-STABLE or before, and normally bugs are=20 exploited by users that are not root. P.S. /usr/ports/Mk/ look for SU_CMD :) --=20 Best Wishes, Stefan Lambrev ICQ# 24134177
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47174BE4.6020300>