Subject: Re: setbuf() in hostalias()
To: None <>
From: Jason R Thorpe <>
List: tech-net
Date: 04/25/2000 23:44:00
On Wed, Apr 26, 2000 at 02:55:49PM +0900, wrote:

 > >this setbuf() is only needed on systems where setuid-root binaries
 > >are willing to dump core when run by non-root euid's.  otherwise,
 > >the stdio buffer could have data from normally-unreadable files.
 > >(sendmail on sunos was the proximate cause of this pain, with a
 > >"setenv HOSTALIAS /etc/shadow" as the disease vector.)
 > 	I see, should we put something like this then?  or is NetBSD always
 > 	safe? (we may need some comment at least)
 > 	if (getuid() != geteuid() || getgid() != getegid())
 > 		setbuf(fp, NULL)

I believe NetBSD is safe.  From sys/kern/kern_sig.c:coredump():

         * Make sure the process has not set-id, to prevent data leaks.
        if (p->p_flag & P_SUGID)
                return (EPERM);

        -- Jason R. Thorpe <>