svn commit: r211393 - head/lib/libutil
Dag-Erling Smørgrav
des at des.no
Fri Aug 20 19:40:30 UTC 2010
"M. Warner Losh" <imp at bsdimp.com> writes:
> Dag-Erling Smørgrav <des at des.no> writes:
> > "M. Warner Losh" <imp at bsdimp.com> writes:
> > > And we're back to the reason for why issetugid() :)
> > Does setuid() "untaint" a program?
> No.
Yet I would argue that it is safe to apply the user's .login_conf after
setuid(), so issetugid() is not an appropriate test.
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the svn-src-all
mailing list