how about using the OpenBSD approach.. a flag in the task struct that
remembers if the program is "suid", and having ld.so check that instead
of checking various uid's, via a system call (issetugid() or something
like that).
then various libc functions can use that to decide whether they should
honor some environment variables that change the way some functions
behave.
to fix the rwx--x--x problem, issetugid() could be made to return
various flags, like
#define ISSETUID 1
#define ISSETGID 2
#define EXECNOREAD 4
ld.so could treat non-readable executables like suid ones, disallowing
LD_*.
and on exec the kernel could mask out the EXECNOREAD flag, so that the
rwx--x--x restrictions don't apply after an exec.
-- Roger Espel Llima, espel@llaic.u-clermont1.fr http://www.eleves.ens.fr:8080/home/espel/index.html- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/