Re: bin/36540: a mass of fixes for lpr
The following reply was made to PR bin/36540; it has been noted by GNATS.
From: David Holland <dholland-bugs%netbsd.org@localhost>
Subject: Re: bin/36540: a mass of fixes for lpr
Date: Sat, 9 Feb 2008 06:04:50 +0000
Unfortunately, you cannot just remove all the seteuid() calls that
bracket privileged operations: if you continue to run the programs
privileged, they will be insecure, and if you don't, they won't work.
You've replaced only one such block (out of many) with alternate code,
and that alternate code assumes that the process be running with
privilege. (Which means you've made it insecure rather than making it
Real privilege separation code for lpr/lpd would probably be a good
thing. This isn't it though and I'm afraid it's not even really a step
in the right direction.
David A. Holland
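
The seteuid() bracketing pattern the reply refers to, as an added example that is not part of the original message and is not code from lpr or the PR. It assumes a set-user-ID binary; the names priv_init and priv_open are hypothetical.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper names; not taken from lpr or the PR. */
static uid_t real_uid;  /* invoking user */
static uid_t priv_uid;  /* effective uid granted by the set-user-ID bit */

/* Call once at startup: remember both ids, then run as the invoking user. */
int priv_init(void)
{
    real_uid = getuid();
    priv_uid = geteuid();
    return seteuid(real_uid);
}

/* Open path with the privileged euid, restoring the user's euid afterwards. */
int priv_open(const char *path, int flags, mode_t mode)
{
    int fd, saved_errno;

    if (seteuid(priv_uid) != 0)
        return -1;
    fd = open(path, flags, mode);
    saved_errno = errno;
    if (seteuid(real_uid) != 0)
        abort();  /* never continue with privilege still raised */
    errno = saved_errno;
    return fd;
}

int main(void)
{
    int fd;

    if (priv_init() != 0) {
        perror("seteuid");
        return 1;
    }
    fd = priv_open("/dev/null", O_RDONLY, 0);  /* constructed sample path */
    printf("fd=%d euid=%ld uid=%ld\n", fd, (long)geteuid(), (long)getuid());
    if (fd >= 0)
        close(fd);
    return 0;
}
```

The bracket only narrows the window in which the process runs with the privileged effective uid; the saved set-user-ID stays in place, so the process can still raise privilege again, which is why this pattern is not privilege separation.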