Date: Tue, 22 Jan 2002 10:58:39 +0200 From: Ruslan Ermilov <ru@FreeBSD.ORG> To: Robert Watson <rwatson@FreeBSD.ORG> Cc: Nate Williams <nate@yogotech.com>, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: cvs commit: src/gnu/usr.bin/man/man Makefile man.c src/etc/mtree BSD.local.dist BSD.usr.dist BSD.x11-4.dist BSD.x11.dist Message-ID: <20020122105839.C78733@sunbay.com> In-Reply-To: <Pine.NEB.3.96L.1020121183943.69509T-100000@fledge.watson.org> References: <15436.42142.53176.44467@caddis.yogotech.com> <Pine.NEB.3.96L.1020121183943.69509T-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jan 21, 2002 at 06:54:02PM -0500, Robert Watson wrote:
> On Mon, 21 Jan 2002, Nate Williams wrote:
>
> > > > Not in this forum. But we're not typical of the user base. I will
> > > > continue to use catman, probably making it world writeable, since in my
> > > > situation this isn't a compromise. But what about the man in the
> > > > street?
> > >
> > > The difference between the developers and the users is that the users
> > > hardly ever change the man pages, and so would probably benefit most from
> > > simply using the catman pages in a pregenerated form, rather than having
> > > to wait for each page to render the first time they read it, gradually
> > > consuming more and more disk space as they read more manpages.
> >
> > Except that this doesn't allow the 'users' to print out the pages in a
> > form that may be more usable by them.
> >
> > For example, for most manpages, I simply type 'man', but sometimes I
> > want to print out the manpage on my printer, so I create a postscript
> > file that is formatted better, and prints out much nicer than the
> > tradional 'dumb terminal' manpage that is created by default as the
> > catpage.
>
> This doesn't preclude having the nroff sources installed also, I'm just
> pointing out that the argument that it's in the user's best interest to
> use the man cache mechanism seems a bit bogus to me. The intended goal of
> the man cache was presumably to avoid the full disk cost of catman pages,
> while attempting also to avoid the cpu cost of processing the page every
> time it's viewed. However, in practice it has become a security/space
> tradeoff: you sacrifice security to conserve a few megabytes of space in
> catman files. I think that the benefit may once have been there, but I
> think on modern systems that it's really not there.
>
> For compatibility purposes, it might be reasonable to install man
> non-setuid, but still have the cat pages and directories be installed as
> the man user. Then twiddling man to setuid man from bin/bin would still
> work for those wanting to enable it. However, for the default install, we
> should either rely purely on nroff source, or also install the catman
> distribution.
>
OK, here's what I will do:
1. Restore man.c's SETUID code but do not enable it.
2. Fix SETUID code so that:
a) system catpages are created in a pristine environment
(/usr/bin/env -i)
b) SETUID path is only attempted for system catpages
3. Provide make.conf knob (ENABLE_SUID_MAN) for installing
man(1) ``setuid man''.
a) will fix the environment race, b) will fix the symlink race.
I've already implemented a), and will post a patch here when
b) is also implemented.
Cheers,
--
Ruslan Ermilov Oracle Developer/DBA,
ru@sunbay.com Sunbay Software AG,
ru@FreeBSD.org FreeBSD committer,
+380.652.512.251 Simferopol, Ukraine
http://www.FreeBSD.org The Power To Serve
http://www.oracle.com Enabling The Information Age
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020122105839.C78733>