Subject: re: Addition to force open to open only regular files
To: None <email@example.com, firstname.lastname@example.org>
From: Noriyuki Soda <email@example.com>
Date: 11/13/2000 19:05:50
matthew green wrote:
> > you're asking that the library trust it's caller. that will never be
> > the case....as much as we would like it to be.
> Why not ? Clearly I'm missing something obvious.
> quite simply the library has *NO IDEA* who called it. trust can't exist.
But we can declare that if a program calls setreuid(2), then the program
is broken just like that programs which call gets(3) is broken.
All programs which currently use setreuid() can be converted to use
saved-uid feature, and saved-uid is more appropriate than setreuid(2),
because saved-uid can make the program secure about some library features
($HOSTALIASES is just one of such library features).
IIRC, Charles said that this is the way to go...
And I agree with him.