Re: Need help (building ncurses-4.2)
--On Tue, Nov 3, 1998 12:38 pm -0500 "Roland McGrath" <roland@frob.com>
wrote:
>
> It would be simple to add the feature to the Hurd, but we will not do so
> unless we are convinced of its utility.
>
>> So: Is setfsuig a "Linuxism"? Is there a replacement?
>
> Yes, it is a Linux invention.
I can't tell you why ncurses uses them, but I can give you an example:
Nfsd uses them because it needs to write files as a particular non-root
user, for security reasons. However, if it calls setuid, it exposes itself
to signals from that user - which is bad. So it calls setfsuid to make its
file-system access limited without having to expose itself to a signal
attack.
I don't know the details of the signal attack - presumably someone devised a
race condition..
Jules
/----------------+-------------------------------+---------------------\
| Jelibean aka | jules@jellybean.co.uk | 6 Evelyn Rd |
| Jules aka | jules@debian.org | Richmond, Surrey |
| Julian Bean | jmlb2@hermes.cam.ac.uk | TW9 2TF *UK* |
+----------------+-------------------------------+---------------------+
| Debian GNU/Linux - "Microsoft *does* have a year 2000 problem - |
| and we're it!" (paraphrased from IRC) |
\----------------------------------------------------------------------/
Reply to: