[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [MiNT] Here documents and CRLF



On Mon, Jun 14, 1999 at 05:39:01PM +0300, Martin-Eric Racine wrote:
> Hi Guido!
> 
> > Just btw (I mentioned that a while ago), in the next MiNTLib I will
> > totally ignore UNIXMODE for setuid or setgid programs.  For these
> > executables a default setting of "/brU" is always assumed and the
> > environment is not read.  This will probably (as a side effect) 
> > avoid the cron problems.
> 
> OK, but will this have _any_ negative effects on existing programs?

Depends on your setup.  I will make a list of which environment variables
are evaluated from the libc and which default settings will be used now
for setuid programs.

BTW, the reason for this is that people that know more about security
stuff have told me that it is generally a bad idea if the libc calls
getenv() behind the programmer's back on setuid programs.  Of course, you
can still evaluate environment variables from within a setuid program but
the libc won't do internally.  An example effect of this is that temporary
files will be created in "/usr/tmp" (if that exists) and not in
"$TEMPDIR" (usually "/tmp").

Ciao

Guido
-- 
http://stud.uni-sb.de/~gufl0000
mailto:gufl0000@stud.uni-sb.de