tech-kern: re: Addition to force open to open only regular files

Subject: re: Addition to force open to open only regular files
To: Jarom r Dolecek <dolecek@ibis.cz>
From: matthew green <mrg@eterna.com.au>
List: tech-kern
Date: 11/13/2000 18:10:06

   
   But this doesn't matter in this context, right ? The real user has
   no control about how the suid binary calls setuid()/seteuid(). If the
   binary ends up with both effective and real uid the more privileged
   one, the program has security problem on it's own.


the problem is that the *library* has no idea what the program has done,
therefore can not know what uid is the right one to use for the operation
at hand...