> > Once I fixed that, it "almost worked": Now I have a portability problem. > > The Debian version uses setfsuig and setfsgid, to solve a security > > problem, I think. > > Can you ascertain what the actual purpose here is? i.e. how are these > calls used and what is the supposed problem being solved by using these > calls?
They are used to fix a security problem. As Mark Kettenis has explained to me, "ncurses looks at the TERMINFO variable to allow the user to specify their own terminfo database. For setuid programs this opens the possibility to read arbitrary files, which of course is not good." He also suggested to ignore such environment variables if uid != euid, as done in libc6. -- "3e07f5bbfc03e0af04abcda88afd9641" (a truly random sig)
