[fpc-devel] Linux kernel behaviour change regarding keyboard

Ales Katona almindor at gmail.com
Wed Jul 18 19:51:28 CEST 2007


Strawman yes, but if we setuid to userid right after setting the console
stuff, there's nothing left to audit. We're not malicious software
makers so there's no chance anything else could happen? Or am I missing
something here?

eg:

fp starts
fp sets itself to uid 0
fp sets the required things as root
fp sets itself to original userid
fp finishes init

I don't see a problem with that. It's not nice to have a suid binary
requirement, but if there's no other way?

Christian Iversen wrote:
> Ales wrote:
>> Why? You have your good ol' PING doing it.
>
> Unbelievable strawman argument there.
>
> This is not at all a critique of the IDE, but please don't compare the
> complexity of "ping" and "fpide"(!)
>
>> I agree tho that if a wrapper can do it for us it's safest. Or if the
>> ide can do it on start, and always setuid(userid) itself right after
>> setting the proper things. I don't see a problem with ANY program
>> being setuid if it has a proper reason, and is audited for it.
>
> There is a very serious limit as to how many lines of code one can
> audit. A project the size of the IDE is unauditable, given its size.
> This again is not meant to criticize the IDE - any project of the size
> is unauditable.
>
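
The sequence listed in the message above (start with root, do the privileged setup, return to the original user id, finish init), written out as an added C example that is not part of the original thread or of the FPC IDE. `privileged_console_setup`, `drop_privileges` and `init_with_minimal_root` are hypothetical names, and the binary is assumed to be installed setuid-root; the point shown is that the drop has to be permanent and checked before any further code runs.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical stand-in for the privileged console/keyboard setup; the
 * thread does not show what that step contains. Returns 0 on success. */
static int privileged_console_setup(void)
{
    return 0;
}

/* Permanently give up root. Assumes a setuid-root binary: the effective
 * uid is already 0 at startup and getuid() is the invoking user.
 * Returns 0 only if the drop happened and cannot be undone. */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Group before user: once the uid is dropped, setgid() may be refused. */
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    /* With euid 0, setuid() sets the real, effective and saved uid. */
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid)
        return -1;
    /* For an unprivileged target, a successful setuid(0) would mean a
     * real or saved uid of 0 survived the drop. */
    if (uid != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

/* Steps from the message: privileged setup, then back to the original
 * uid before the rest of init. The drop runs even when setup fails. */
int init_with_minimal_root(void)
{
    uid_t uid = getuid();
    gid_t gid = getgid();
    int setup_rc = privileged_console_setup();

    if (drop_privileges(uid, gid) != 0)
        return -1;   /* caller must exit: the process is still privileged */
    return setup_rc;
}

int main(void)
{
    if (init_with_minimal_root() != 0)
        return 1;
    printf("running as uid %ld\n", (long)getuid());
    return 0;
}
```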