Date: Tue, 23 Apr 2002 12:15:43 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.org> To: Mike Barcroft <mike@FreeBSD.org> Cc: "M. Warner Losh" <imp@village.org>, nectar@FreeBSD.org, phk@critter.freebsd.dk, wollman@lcs.mit.edu, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/kern kern_descrip.c kern_exec.c src/sys/sys filedesc.h Message-ID: <Pine.NEB.3.96L.1020423121418.55944G-100000@fledge.watson.org> In-Reply-To: <20020423120949.G72727@espresso.q9media.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 23 Apr 2002, Mike Barcroft wrote:
> Again, I don't mind this being a kernel option. Even if it's turned on
> by default, or we use a reverse kernel option to turn it off.
>
> A user should be able to choose the security policy of his/her system.
> If that means one has to add `option POSIX_SETUGID_HANDLING', that's
> fine, but to force a security policy down a user's throat, I think, is
> wrong. This applies to Robert's comments as well.
Sounds fine to me, although it does raise the spectre of bit rot.
However, that will be a new feature, rather than an existing one, since a
state of POSIX compliance for the exec of setugid applications hasn't
existed {for a long time, ever}. :-) A few #ifndef
POSIX_SETUGID_HANDLING's won't hurt, and will nicely match the
POSIX-related confusion in kern_prot.c.
Robert N M Watson FreeBSD Core Team, TrustedBSD Project
robert@fledge.watson.org NAI Labs, Safeport Network Services
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1020423121418.55944G-100000>