On Wed, Feb 07, 2007 at 01:48:10PM +0100, Aurelien Jarno wrote: > Raoul Borenius a écrit : > > Thanx for the quick reply! > > > > On Wed, Feb 07, 2007 at 12:01:22PM +0100, Aurelien Jarno wrote: > >> For security reasons this environment variable (among others) is not > >> used for setuid programs. /bin/ping is setuid. > > > > Sorry for not thinking about that. You're right... > > > > Probably it would be a good idea to put that into the man page of > > resolver(3)? > > If you think it is a good idea, please report a bug against the manpages > package. It's the one which provides this man page.
Ok, I'll do that. > > BTW: is there a list of variables which are passed on to setuid programs > > somwhere? I looked into setuid(3posix) but did not find anything. > > > > There is no list of variables that are passed, but a list of variable > that are not passed. This list is defined in the source code in > sysdeps/generic/unsecvars.h . See the attached file. Thanx! Is it any idea to start a discussion about 'LOCALDOMAIN' being excluded from this list? It's a bit annoying that one cannot use 'ping' with LOCALDOMAIN as regular user. As I read the manpage this is the only way a regular user can overwrite the entry in /etc/resolv.conf. Regards Raoul
