I just committed a fix for this, the next snapshot should include it. - todd
CVSROOT: /cvs
Module name: src
Changes by: mill...@cvs.openbsd.org 2019/03/23 11:03:00
Modified files:
lib/libc/gen : login_cap.c auth_subr.c
Log message:
Remove useless secure_path(3) calls.
There is no point in checking permissions of files in root-owned
directories. If it even was a problem, secure_path(3) suffers from
unsolvable TOCTOU issues. OK deraadt@
