--- Comment #3 from fche at redhat dot com 2009-09-22 16:18 ---
Committed.
--- Comment #4 from fche at redhat dot com 2009-09-22 16:18 ---
Subject: Bug 41433
Author: fche
Date: Tue Sep 22 16:17:50 2009
New Revision: 152026
URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&re
--- Comment #3 from fche at redhat dot com 2009-09-22 16:18 ---
Committed.
--
fche at redhat dot com changed:
What|Removed |Added
Status|ASSIGNED
--- Comment #2 from fche at redhat dot com 2009-09-22 15:52 ---
Created an attachment (id=18631)
--> (http://gcc.gnu.org/bugzilla/attachment.cgi?id=18631&action=view)
proposed patch
This patch fixes and documents the can-of-wormsness of setuid.
--
http://gcc.gnu.org/bugzilla/show_
--
fche at redhat dot com changed:
What|Removed |Added
AssignedTo|unassigned at gcc dot gnu |fche at redhat dot com
|dot org |
--- Comment #1 from krahmer at suse dot de 2009-09-22 11:33 ---
Changing system() to execve() is not enough since ressources
like open files may also leak from a setuid binary.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41433
