i think the right solution to this problem is to run a password server at a known "address" that is independent of namespace. only the c library needs to know about this. (there are other unix traditions than can be kept in a world were normal users can mount and bind this way.)
- erik On Tue Apr 18 14:53:50 CDT 2006, [EMAIL PROTECTED] wrote: > On 4/18/06, Russ Cox <[EMAIL PROTECTED]> wrote: > > > A masking bind over /etc/passwd could be disasterous > > > on Unix and I don't think anyone has really solved this problem yet > > > > this is trivial to solve. setuid binaries should run > > in the default system name space instead of inheriting > > the one in use where they are started. > > > > russ > > Hmmm, anyone spoken to Al Viro about this?
