Subject: Re: setbuf() in hostalias()
To: None <firstname.lastname@example.org>
From: Paul A Vixie <email@example.com>
Date: 04/25/2000 21:30:23
this setbuf() is only needed on systems where setuid-root binaries
are willing to dump core when run by non-root euid's. otherwise,
the stdio buffer could have data from normally-unreadable files.
(sendmail on sunos was the proximate cause of this pain, with a
"setenv HOSTALIAS /etc/shadow" as the disease vector.)
> setbuf(fp, NULL)
> in hostalias() (lib/libc/net/res_query.c). I wonder why it is
> here, and why it is #if 0'ed in NetBSD (1.21 -> 1.22).
> Are there any reason for putting it in hostalias(), and is it safe
> to remove it?
> By doing some checking, current situation is like this.
> BSDI4 has it, and it is the origin of setbuf(fp, NULL)
> FreeBSD and OpenBSD has it enabled
> NetBSD #if 0'ed it
> (BSDI switched to BIND8 resolver already so I can't compare)