Re: chown and security

Pavel Machek (pavel@elf.ucw.cz)
Sun, 8 Feb 1998 11:06:52 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Martin Mares: "pciutils 1.0 released"
Previous message: Adam Heath: "Patch: 2.1.85: Bugfix: LP device selection"
In reply to: Andi Kleen: "Re: chown and security"

Hi!

> > Updating the man pages for system calls, I noticed
> > that we have an lchown these days. Hopefully everybody
> > is aware of the fact that every old chown(1) is now a
> > security risk on every recent Linux system.
>
> That surprised me too. I would have expected that lchown()
> would get the system call number of the old chown().

I suspect this is the _right_ way to solve this. What do you think?
(It adds a bit of mess into 2.1.X series, but once we are at 2.1.86,
we will be nicely backward compatible!).
Pavel

-- 
I'm really pavel@atrey.karlin.mff.cuni.cz. 	   Pavel
Look at http://atrey.karlin.mff.cuni.cz/~pavel/ ;-).
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu

Next message: Martin Mares: "pciutils 1.0 released"
Previous message: Adam Heath: "Patch: 2.1.85: Bugfix: LP device selection"
In reply to: Andi Kleen: "Re: chown and security"