On Mon, 18 Nov 1996, joost witteveen wrote:
> And, if I put the svga_init() call as the first thing in main(),
> gs will _always_ say
> Using some svgalib driver
> This looks confusing, if gs draws on my X screen.
> The other option, making the wrapper setuid root, looked even less
> attractive to me: Althought the wrapper knows what device gs wants
> to use, I alreadly had one bug in my wrapper (buffer overrun), and
> I am quite glad it wasn't setuid then.
Why not use POSIX (or whatever) saved-uids. Switch straight out of root by
swapping euid and uid as soon as the program starts, then swap again just
before calling svga_init(). This puts the security risks to a minimum.
Tom Lees <firstname.lastname@example.org>
== Linux debian 2.1.10 #14 Tue Nov 19 16:31:18 GMT 1996 i486 ==
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
- Re: Setuid
- From: email@example.com (joost witteveen)