Subject: Re: Addition to force open to open only regular files
To: Wolfgang Solfrank <ws@tools.de>
From: Bill Studenmund <wrstuden@zembu.com>
List: tech-kern
Date: 11/20/2000 10:38:50
On Mon, 20 Nov 2000, Wolfgang Solfrank wrote:

> Hi,
> 
> > The difference is not that it can be less aware, but that it has no idea
> > what has happened to the ids - it can't assume it is running at lower
> > privileges, whereas a set-ID program should have a good idea what
> > privileges it is running at.
> 
> So are you really suggesting that a library routine must work (not only
> correct but) safe irrespective of how it is called?  You gotta be
> joking...

I'm not. And I think that's how many other developers feel too. Especially
since these routines weren't documented as needing to be at a specific ID
level. i.e. we could document ourselves out of the corner with new code,
but not with older routines.

Take care,

Bill