[EMAIL PROTECTED] (Paul Jarc) writes: > [EMAIL PROTECTED] (Thomas Bushnell, BSG) wrote: > > We don't want to change other execs, because there is no reason to > > think there is any kind of security implication for them. > > Why not? Doesn't ruid!=euid have the same implications as in Unix? > (I.e., that a setuid program was executed, and no code since then has > destroyed that information.)
Yes, but it's not a security issue any more, because no *augment* in security is happening. > In Unix, if I run setuid program foo, and foo runs program bar, then > the dynamic loader, noticing that ruid!=euid, will ignore LD_PRELOAD, > etc., when loading bar. (Right?) This is because LD_PRELOAD is under > the control of a user different from the one whose privileges we have > now. Isn't the same true for the Hurd? Well, we don't have LD_PRELOAD. :) _______________________________________________ Bug-hurd mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/bug-hurd
