Date: Fri, 19 Apr 2002 13:44:25 +0100 From: Brian Somers <brian@freebsd-services.com> To: Poul-Henning Kamp <phk@critter.freebsd.dk> Cc: Brian Somers <brian@freebsd-services.com>, Garrett Wollman <wollman@lcs.mit.edu>, "J. Mallett" <jmallett@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/kern kern_descrip.c kern_exec.c src/sys/sys filedesc.h Message-ID: <200204191244.g3JCiPSg073492@hak.lan.Awfulhak.org> In-Reply-To: Message from Poul-Henning Kamp <phk@critter.freebsd.dk> of "Fri, 19 Apr 2002 13:35:57 %2B0200." <11657.1019216157@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
> In message <200204191125.g3JBPCSg072782@hak.lan.Awfulhak.org>, Brian Somers wri
> tes:
>
> >I agree with Garrett. This change is *very* broken.
> >
> >[...]
> >
> >Agreed, a program that does this is broken, but I believe the program
> >needs to be fixed, not the kernel.
>
> While I agree that this change is not quite orthodox, I don't think
> we can educate the masses of lousy programmers out there to not
> do stupid things any time soon.
>
> I can't think of any programs that will break as a result of this,
> in particular I cannot think of any setuid programs which it will
> break.
>
> OpenBSD has done this for a couple of years, and that hasn't rid us
> of Theo so it obviously is not a total catastrophy.
>
> Finally, since this has not been discussed on any lists, I would
> expect this to be in reponse to some tangible threat, (most likely
> somewhere in ports ?) so we probably don't have much of a choice
> anyway.
>
> So can we avoid giving our security-officer a hard time for doing
> his job ? Please ?
After looking into things further, it's Garrett's suggested
alternative that I have a problem with.
close(x)
if (open(file, flags) != x)
is done in many places (bin/sh and usr.sbin/ppp to name two). I
can't think of anything ``usual'' that the committed change would
break (except perhaps some standard).
> Thankyou!
>
> --
> Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
> phk@FreeBSD.ORG | TCP/IP since RFC 956
> FreeBSD committer | BSD since 4.3-tahoe
> Never attribute to malice what can adequately be explained by incompetence.
--
Brian <brian@freebsd-services.com> <brian@Awfulhak.org>
http://www.freebsd-services.com/ <brian@[uk.]FreeBSD.org>
Don't _EVER_ lose your sense of humour ! <brian@[uk.]OpenBSD.org>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200204191244.g3JCiPSg073492>