Date:        Tue, 7 Sep 1999 17:34:55 +0200
    From:        Manuel Bouyer <bouyer@antioche.lip6.fr>
    Message-ID:  <19990907173455.C775@antioche.eu.org>

  | There's just the deal with suid binaries, but the machinery for tacking care
  | of this is already here.

Really?

If you mean "setuid processes don't dump core", then that's fine, as
long as the process continues being setuid - but after it does a setuid(0)
and then an exec or two down the chain, what's the mechanism then?

Most inherited process attributes don't matter - either they do no harm
(that anyone knows of anyway), or they have been around so long that they
just get cleaned up (where "so long" means that its either an ancient
mechanism, which is well understood, or that enough bugs have been found
that hacks have been added all over to avoid it, like a whole bunch of
environ variables).

At the very least, I'd suggest a little bit of thought about this before
it gets entrenched enough that when bugs are found workarounds need to be
invented, instead of just yanking the mechanism.

kre