Subject: Re: Addition to force open to open only regular files
To: Wolfgang Solfrank <email@example.com>
From: Bill Studenmund <firstname.lastname@example.org>
Date: 11/20/2000 10:38:50
On Mon, 20 Nov 2000, Wolfgang Solfrank wrote:
> > The difference is not that it can be less aware, but that it has no idea
> > what has happened to the ids - it can't assume it is running at lower
> > privileges, whereas a set-ID program should have a good idea what
> > privileges it is running at.
> So are you really suggesting that a library routine must work (not only
> correct but) safe irrespective of how it is called? You gotta be
I'm not. And I think that's how many other developers feel too. Especially
since these routines weren't documented as needing to be at a specific ID
level. i.e. we could document ourselves out of the corner with new code,
but not with older routines.