Re: Bug in set/gethostname.

Michael Elizabeth Chastain
Sun, 17 May 1998 16:33:35 -0500

Hello Linus,

> In short, give a better reason, because as it stands, this "bug" is not a
> bug, but just a case of "let's not add code to take care of a case we
> shouldn't care about anyway". It's a "bug" in the same sense as it's a
> "bug" that root can write to /dev/kmem and make the system unstable.

I have two arguments in favor of Alan Cox's position:

Programming by contract. Esthetically, I *like* it when I can
make assertions and prove them. In this case, the assertion is:
system_uts.nodename is a null-terminated string of less than size
__NEW_UTS_LEN. Practically, I think that programming by contract
eliminates the conditions that breed bugs.

Capabilities instead of the almighty root. sys_sethostname requires
only CAP_SYS_ADMIN. I don't like the argument that someone with one
capability might as well have the power to run racy code, because
they could write to /dev/kmem anyways. Also I think that bugs are
different from intentionally shooting one's foot off.

Just my opinion. I'll go back to proof-reading sound code now.


Michael Chastain
"love without fear"
