svn commit: r228843 - head/contrib/telnet/libtelnet
head/crypto/heimdal/appl/telnet/libtelnet head/include
head/lib/libc/gen head/lib/libc/iconv head/lib/libc/include
head/lib/libc/net head/libexec...
John Baldwin
jhb at freebsd.org
Fri Dec 23 16:22:36 UTC 2011
On Friday, December 23, 2011 10:58:46 am John Baldwin wrote:
> On Friday, December 23, 2011 10:00:38 am Colin Percival wrote:
> > Author: cperciva
> > Date: Fri Dec 23 15:00:37 2011
> > New Revision: 228843
> > URL: http://svn.freebsd.org/changeset/base/228843
> >
> > Log:
> > Fix a problem whereby a corrupt DNS record can cause named to crash. [11:06]
> >
> > Add an API for alerting internal libc routines to the presence of
> > "unsafe" paths post-chroot, and use it in ftpd. [11:07]
>
> Eh, the whole libc_dlopen() thing looks like a gross hack (and who came
> up with that weird symbol name for a public API????). Is it really even
> needed given the other fix to have ftpd drop privilege before execing a
> helper program? I guess the main reason I don't like it is it doesn't do
> anything to address the more general problem. I would have expected instead
> something to restrict dlopen() entirely including from other libraries than
> just libc in certain circumstances.
At the very least if we feel that the libc_dlopen() thing is a temporary
band-aid, we should move the new symbols into the private namespace so
we can remove them once the better fix is in rather than being required
to support them forever.
--
John Baldwin
More information about the svn-src-head
mailing list