Incorrect (?) documentation for setreuid(2) could lead to security
issues for user code
Chris Palmer
chris at noncombatant.org
Thu Jan 8 22:37:42 PST 2009
According to section 6.4.1 of "Setuid Demystified":
http://www.cs.ucdavis.edu/~hchen/paper/usenix02.html
FreeBSD 4.4's setreuid(2) man page is wrong. The man page for FBSD 7 says
the same thing. Is it still wrong, or was the implementation changed to
match the documentation?
This person noticed the same problem for OBSD:
http://www.nabble.com/setreuid()-documentation-is-confusing-and-wrong-td7953251.html
More information about the freebsd-security
mailing list