[fpc-devel] Linux kernel behaviour change regarding keyboard
chrivers at iversen-net.dk
Wed Jul 18 20:06:01 CEST 2007
> Strawman yes, but if we setuid to userid right after setting the console
> stuff, there's nothing left to audit. We're not malicious software
> makers so there's no chance anything else could happen? Or am I missing
> something here?
> fp starts
> fp sets itself to uid 0
> fp sets the required things as root
> fp sets itself to original userid
> fp finishes init
> I don't see a problem with that. It's not nice to have a suid binary
> requirement, but if there's no other way?
If there's no other way, it would still be nicer to have the suid code
in an entirely seperate executable. Running any complex program as suid
always makes me nerveous - and yes, I very much would have second
thoughts about even running the IDE at all.
Apart from that, your plan could work. I just really, really hope we
find some other way.
More information about the fpc-devel