>
> On Mon, 27 Mar 100, T.E.Dickey wrote:
>
> > >
> > > On Sun, 26 Mar 100, T.E.Dickey wrote:
> > >
> > > > * disable setuid on initialization -TD
> > >
> > > Why?
> >
> > because I noticed several places in the temp-file checks that would
> > be rather difficult to remedy otherwise.
>
> I still believe there are legitimate uses for making lynx setuid
> or setgid. Mostly for non-interactive use. (not necessarily
> setuid root).
possibly - but as written, lynx would not make the proper permissions
checks when deciding if it ought to be allowed to do something
(there's no comparison between the real/effective users). I do this
in my directory editor, where it does the proper types of checks.
> I would protest if 'cat' suddenly refused to honor setuid/setgid
'cat' does not try to do permissions-checks.
otoh, this isn't quite as drastic as some patches I've seen (on BugTraq ;-)
that propose disabling setuid in ncurses lest it read the wrong terminal
description...
> bits. Lynx can be used in similar ways as cat, as a filter.
> So it should behave the same way. I shouldn't have to write a C
> wrapper for every little utility that I want to operate with
> different privileges.
>
> Klaus
>
>
>
>
--
Thomas E. Dickey
[EMAIL PROTECTED]
http://www.clark.net/pub/dickey
