Hi, On Mon, Jul 23, 2007 at 09:05:14PM +0800, Wei Shen wrote:
> I made a try to implement a basic way of socket servers (pfinet and > pflocal) overriding, as described below. Great :-) > (1) Should we disable the overrding mechanism for SUID or SGID > processes ( e.g. substituting *__secure_getenv* for *getenv*). Good question actually. I've no idea :-( In theory, the user should not be able to run a server that has more authority than the standard server. I'm not sure however how much stuff relies on the behaviour of the servers -- whether there are situation where a server behaving differently than the default implementation could cause a suid program to do something it normally wouldn't do... > (2) If all overriding servers in the list are not present, need we > return another error than EPFNOSUPPORT (I think it is enough to remind > the user, though it means "Protocol family not supported". The libc > interface will notify the user "Bad file descriptor") used previously > when the default server is absent? I think it's fine to return the same error. -antrik- _______________________________________________ Bug-hurd mailing list Bug-hurd@gnu.org http://lists.gnu.org/mailman/listinfo/bug-hurd
