Subject: Re: Addition to force open to open only regular files
To: Jarommr Dolecek <firstname.lastname@example.org>
From: Bill Studenmund <email@example.com>
Date: 11/20/2000 10:46:47
On Mon, 20 Nov 2000, Jarommr Dolecek wrote:
> We don't need to care about whose privilege is "higher". We only
> need to ensure that potentially exploitable things are done
> with id of user who executed the program.
The jist of the discussions I've heard is that figuring out which ID was
the initial one, for a library routine, isn't that easy.