Date: Thu, 4 Jan 2001 14:09:53 -0500 (EST) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: Will Andrews <will@FreeBSD.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/usr.bin/apply apply.c Message-ID: <200101041909.OAA61522@khavrinen.lcs.mit.edu> In-Reply-To: <200101041905.f04J5ou82617@freefall.freebsd.org> References: <200101041905.f04J5ou82617@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Thu, 4 Jan 2001 11:05:49 -0800 (PST), Will Andrews <will@FreeBSD.org> said: > Use getusershell() to make sure the SHELL environment variable passed is > safe to use. Add new option -s to allow anal users to pass things like > perl; this option is here along with getusershell() checking since the > such checking is only intended to affect things like suidperl that might > call apply(1). What is the reason for this change? I see no benefit in modifying many programs in this manner which do not ordinarily run with elevated privileges. It is the responsibility of those programs that do, to ensure that the environment passed to their children is safe and sane. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101041909.OAA61522>