On Sun, 20 Sep 2009 16:19:33 +0900, Joerg Sonnenberger <joerg%britannica.bec.de@localhost> wrote:
On Sat, Sep 19, 2009 at 09:01:19PM +0900, OBATA Akio wrote:From the PR, KMEM_GROUP should be defined in mk/platform/*.mk.I am not sure. Whether or not a specific binary needs suid/sgid is pretty platform specific and as such needs to be handled explicit. I strongly prefer to get a report that something is not working if running as normal user over creating a root exploit.
I don't intend to use the group mechanically without reason. (ex. on Linux, if using /dev/kmem, sgid kmem, if using /proc, no need suid/sgid) It is good that each packages decide whether to need sgid kmem group or not, but it is bad that each packages maintain list of kmem group for supported platforms. -- "Of course I love NetBSD":-) OBATA Akio / obache%NetBSD.org@localhost