Re: our broken man package
On Fri, Jan 05, 2001 at 01:09:17AM -0300, Nicolás Lichtmaier wrote:
> There could be a helper setuid program, man-cache-writer. man would call
> this program and pipe it the catpage. man-cache-writer would just write its
> stdin to the proper place. End of the problems.
Not so simple. You don't want the trusted program trusting the output of
a non-trusted program.
A start to fix the current problems is to:
1. drop privs if reading a man page that's not going to be cached
anyway. (E.g., a page in your private home directory.)
2. and in that case ignore tmpdir. store temporary files in a directory
writable only by user man.
--
Mike Stone
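
Step 1 above, sketched as an added example that is not code from this thread or from the man package: a set-id program decides whether a page belongs to the cached hierarchy and otherwise drops its privileges permanently before handling it. The function names and the cached roots are assumptions, and the caller is assumed to pass an already-canonicalised path.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Assumed roots of the system hierarchy whose cat pages are cached. */
static const char *const CACHED_ROOTS[] = { "/usr/share/man/", "/usr/man/", NULL };

/* 1 if an already-canonicalised path lies under a cached root, else 0. */
int page_is_cacheable(const char *canon_path)
{
    if (canon_path[0] != '/' || strstr(canon_path, "/../") != NULL)
        return 0;                      /* refuse relative or unresolved paths */
    for (size_t i = 0; CACHED_ROOTS[i] != NULL; i++)
        if (strncmp(canon_path, CACHED_ROOTS[i], strlen(CACHED_ROOTS[i])) == 0)
            return 1;
    return 0;
}

/* Permanently give up the set-id identity (user man). 0 on success, -1 on failure. */
int drop_privs(void)
{
    uid_t ruid = getuid(), euid = geteuid();
    gid_t rgid = getgid(), egid = getegid();

    /* Group first: after the uid change we may no longer be allowed to. */
    if (setregid(rgid, rgid) != 0 || setreuid(ruid, ruid) != 0)
        return -1;
    /* Setting the real id also resets the saved id, so regaining must fail. */
    if ((egid != rgid && setegid(egid) == 0) || (euid != ruid && seteuid(euid) == 0))
        return -1;
    return (geteuid() == ruid && getegid() == rgid) ? 0 : -1;
}

/* 1: privileges kept for the cache write; 0: dropped; -1: drop failed, abort. */
int prepare_for_page(const char *canon_path)
{
    if (page_is_cacheable(canon_path))
        return 1;
    return drop_privs() == 0 ? 0 : -1;
}

int main(int argc, char **argv)
{
    /* Constructed sample path used when none is given. */
    const char *page = argc > 1 ? argv[1] : "/home/alice/man/man1/foo.1";
    int r = prepare_for_page(page);
    printf("%s -> %d (euid=%ld)\n", page, r, (long)geteuid());
    return r < 0;
}
```

A return of -1 has to be treated as fatal: continuing to format the page after a failed drop is the case the check exists to prevent.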