Date: Fri, 20 Aug 2010 12:37:42 -0600 (MDT) From: "M. Warner Losh" <imp@bsdimp.com> To: des@des.no Cc: attilio@freebsd.org, svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r211393 - head/lib/libutil Message-ID: <20100820.123742.600640546137300360.imp@bsdimp.com> In-Reply-To: <861v9ty7bg.fsf@ds4.des.no> References: <8662z6r77w.fsf@ds4.des.no> <AANLkTi=vSxjTEToPyFZC_DwUPnTq4Sr-RoKRT7sJm%2Bp=@mail.gmail.com> <861v9ty7bg.fsf@ds4.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
In message: <861v9ty7bg.fsf@ds4.des.no>
Dag-Erling Sm=F8rgrav <des@des.no> writes:
: Attilio Rao <attilio@freebsd.org> writes:
: > Dag-Erling Sm=F8rgrav <des@des.no> writes:
: > > Perhaps the test in setusercontext() should be changed to use
: > > geteuid() instead of getuid().
: > Yes, I think that it probabilly makes more sense (geteuid() testing=
in
: > setusercontext()).
: =
: What if the user's ~/.login_conf sets a custom PATH, and the applicat=
ion
: switches back to root privs and fork()-exec()s some other program?
And we're back to the reason for why issetugid() :)
Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100820.123742.600640546137300360.imp>