Colin Watson <[EMAIL PROTECTED]> writes: > On Sun, Apr 27, 2008 at 12:56:28PM +0200, Goswin von Brederlow wrote: >> No idea how to prevent LD_PRELOAD and people could always use their >> own linker to ignore the sgid bit anyway. > > If they want to deliberately start a program with reduced protection and > then type their password into it, then that's their (foolish) choice. > The point of this is so that processes started in good faith can't have > their memory inspected so easily later on.
So it is their own fault if they set LD_PRELOAD to something that will steal passwords. :) MfG Goswin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]