[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Need help (building ncurses-4.2)

--On Tue, Nov 3, 1998 12:38 pm -0500 "Roland McGrath" <roland@frob.com>

> It would be simple to add the feature to the Hurd, but we will not do so
> unless we are convinced of its utility.
>> So: Is setfsuig a "Linuxism"? Is there a replacement?
> Yes, it is a Linux invention.

I can't tell you why ncurses uses them, but I can give you an example:

Nfsd uses them because it needs to write files as a particular non-root
user, for security reasons.  However, if it calls setuid, it exposes itself
to signals from that user - which is bad.  So it calls setfsuid to make its
file-system access limited without having to expose itself to a signal

I don't know the details of the signal attack - presumably someone devised a
race condition..


|  Jelibean aka  | jules@jellybean.co.uk         |  6 Evelyn Rd        |
|  Jules aka     | jules@debian.org              |  Richmond, Surrey   |
|  Julian Bean   | jmlb2@hermes.cam.ac.uk        |  TW9 2TF *UK*       |
|  Debian GNU/Linux - "Microsoft *does* have a year 2000 problem -     |
|                      and we're it!" (paraphrased from IRC)           |

Reply to: