"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes: > > What was the reason for disabling EXECSERVERS in exec? I think that > > it is quite an useful feature when debugging exec, or playing around > > with new features for it. > > This[1] thread might interest you. > > [1] http://mail.gnu.org/pipermail/bug-hurd/2000-May/001211.html > > Interesting. Roland and/or Thomas, could you comment on the possible > security risks, if any such existed with EXECSERVERS?
Well, a setuid exec itself should disable EXECSERVERS. But the environment variable might still get inherited, and seven layers of fork/exec later, do something nasty. So that means that setuid exec should in fact clear EXECSERVERS in the passed environment. That's a nasty wart, however, having the *exec server* go mucking around with environment variables. _______________________________________________ Bug-hurd mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/bug-hurd
