svn commit: r211393 - head/lib/libutil
Dag-Erling Smørgrav
des at des.no
Fri Aug 20 09:14:29 UTC 2010
Attilio Rao <attilio at freebsd.org> writes:
> Dag-Erling Smørgrav <des at des.no> writes:
> > Perhaps the test in setusercontext() should be changed to use
> > geteuid() instead of getuid().
> Yes, I think that it probabilly makes more sense (geteuid() testing in
> setusercontext()).
What if the user's ~/.login_conf sets a custom PATH, and the application
switches back to root privs and fork()-exec()s some other program?
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the svn-src-all
mailing list