From owner-cvs-all Fri Apr 19 5:44:52 2002 Delivered-To: cvs-all@freebsd.org Received: from Awfulhak.org (gw.Awfulhak.org [217.204.245.18]) by hub.freebsd.org (Postfix) with ESMTP id 9E4A937B416; Fri, 19 Apr 2002 05:44:37 -0700 (PDT) Received: from hak.lan.Awfulhak.org (root@hak.lan.Awfulhak.org [IPv6:fec0::1:12]) by Awfulhak.org (8.12.2/8.11.6) with ESMTP id g3JCiREv088110; Fri, 19 Apr 2002 13:44:27 +0100 (BST) (envelope-from brian@freebsd-services.com) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.12.3/8.12.3) with ESMTP id g3JCiPSg073492; Fri, 19 Apr 2002 13:44:25 +0100 (BST) (envelope-from brian@freebsd-services.com) Message-Id: <200204191244.g3JCiPSg073492@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: Poul-Henning Kamp Cc: Brian Somers , Garrett Wollman , "J. Mallett" , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/kern kern_descrip.c kern_exec.c src/sys/sys filedesc.h In-Reply-To: Message from Poul-Henning Kamp of "Fri, 19 Apr 2002 13:35:57 +0200." <11657.1019216157@critter.freebsd.dk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Fri, 19 Apr 2002 13:44:25 +0100 From: Brian Somers Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > In message <200204191125.g3JBPCSg072782@hak.lan.Awfulhak.org>, Brian Somers wri > tes: > > >I agree with Garrett. This change is *very* broken. > > > >[...] > > > >Agreed, a program that does this is broken, but I believe the program > >needs to be fixed, not the kernel. > > While I agree that this change is not quite orthodox, I don't think > we can educate the masses of lousy programmers out there to not > do stupid things any time soon. > > I can't think of any programs that will break as a result of this, > in particular I cannot think of any setuid programs which it will > break. > > OpenBSD has done this for a couple of years, and that hasn't rid us > of Theo so it obviously is not a total catastrophy. > > Finally, since this has not been discussed on any lists, I would > expect this to be in reponse to some tangible threat, (most likely > somewhere in ports ?) so we probably don't have much of a choice > anyway. > > So can we avoid giving our security-officer a hard time for doing > his job ? Please ? After looking into things further, it's Garrett's suggested alternative that I have a problem with. close(x) if (open(file, flags) != x) is done in many places (bin/sh and usr.sbin/ppp to name two). I can't think of anything ``usual'' that the committed change would break (except perhaps some standard). > Thankyou! > > -- > Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 > phk@FreeBSD.ORG | TCP/IP since RFC 956 > FreeBSD committer | BSD since 4.3-tahoe > Never attribute to malice what can adequately be explained by incompetence. -- Brian http://www.freebsd-services.com/ Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message