Subject: re: Addition to force open to open only regular files
To: Robert Elz <kre@munnari.OZ.AU>
From: matthew green <email@example.com>
Date: 11/13/2000 21:02:27
It seems to me that the only correct solution which can really work in
these cases is a library audit, make it clear which library routines
are subject to end-user (as distinct from application) manipulation of
their actions, either directly, or (as here, indirectly about half a
dozen layers deep into the name->address translation routines) and then
make sure that all setuid applications that call those library routines
do so with the uid set in the appropriate form for correct operation.
to a significant portion of us, such an audit is *never* good enough,
because (a) bits will be missed, (b) new bits will appear all the time,
and (c) we can't possible audit every program that is setuid that may
be used on a NetBSD system.
i wish it were that simple. (c) makes it "impossible."