Date: Fri, 20 Aug 2010 12:37:42 -0600 (MDT) From: "M. Warner Losh" <imp@bsdimp.com> To: des@des.no Cc: attilio@freebsd.org, svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r211393 - head/lib/libutil Message-ID: <20100820.123742.600640546137300360.imp@bsdimp.com> In-Reply-To: <861v9ty7bg.fsf@ds4.des.no> References: <8662z6r77w.fsf@ds4.des.no> <AANLkTi=vSxjTEToPyFZC_DwUPnTq4Sr-RoKRT7sJm%2Bp=@mail.gmail.com> <861v9ty7bg.fsf@ds4.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
In message: <861v9ty7bg.fsf@ds4.des.no> Dag-Erling Sm=F8rgrav <des@des.no> writes: : Attilio Rao <attilio@freebsd.org> writes: : > Dag-Erling Sm=F8rgrav <des@des.no> writes: : > > Perhaps the test in setusercontext() should be changed to use : > > geteuid() instead of getuid(). : > Yes, I think that it probabilly makes more sense (geteuid() testing= in : > setusercontext()). : = : What if the user's ~/.login_conf sets a custom PATH, and the applicat= ion : switches back to root privs and fork()-exec()s some other program? And we're back to the reason for why issetugid() :) Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100820.123742.600640546137300360.imp>