On Mon, 27 Mar 100, T.E.Dickey wrote:
> possibly - but as written, lynx would not make the proper permissions
> checks when deciding if it ought to be allowed to do something
> (there's no comparison between the real/effective users). I do this
> in my directory editor, where it does the proper types of checks.
>
> > I would protest if 'cat' suddenly refused to honor setuid/setgid
>
> 'cat' does not try to do permissions-checks.

I would expect lynx to use the effective uid/gid for all necessary
checks, i.e. act exactly as if invoked by the user indicated by the
binary's uid/gid, since it's not an application designed to be
setuid/setgid-aware. If, as a result of being setuid/setgid, it
can open files that the real user couldn't - well that's the
problem (or the intention!) of whoever made it setuid/setgid.

> otoh, this isn't quite as drastic as some patches I've seen (on BugTraq ;-)
> that propose disabling setuid in ncurses lest it read the wrong terminal
> description...

But ncurses is a library - that's completely different anyway.
The lynx code can find itself running setuid only after someone
has explicitly done 'chmod ... /path/to/lynx' or the equivalent,
right?

Klaus