Re: capabilities PATCH

From: Michal Kosek (michau@august.V-LO.krakow.pl)
Date: Wed Jun 07 2000 - 12:23:47 EST


On Wed, 7 Jun 2000, Jesse Pollard wrote:

> There are several program development tools that are setuid to another user
> that switch back after initiating file activity, and put the resulting file
> in the user's directory.
>
> Some database applications do this also.
>
> Your "patch" violates the assumptions of any program that uses setuid() in
> the POSIX manner.
>
OK, but what should I do? I can't change the assumptions the programmers
make in any case... But I think that support for capabilities - as it is
done in my patch - should be put into the kernel (there are too many
suid-roots...). If you also think that it should be done - please help
me. I don't know how to do it without breaking either security or
POSIX-compatibility...

Michal Kosek
