Subject: Re: vixie-crontab vunerable?
To: None <firstname.lastname@example.org>
From: Gordon W. Ross <email@example.com>
Date: 12/16/1996 14:27:32
> Date: Mon, 16 Dec 1996 13:44:41 -0500
> From: Bill Sommerfeld <firstname.lastname@example.org>
> Hmm. Anyone for producing a "libcsafe" which doesn't include:
> and other "unsafe", but traditional, interfaces, and then linking all
> setuid system programs against it instead of libc?
You could also create a "libcsafe" that DOES include those functions,
and ONLY those, but where those functions all just call abort. You
might also make them invoke the magic link-time warning stuff.
This library could be supplied in the library list before libc when
linking s*id programs. (Probably a non-shared version is best.)