bug-hurd
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: arbitrary IDs with available UID 0?


From: Thomas Bushnell, BSG
Subject: Re: arbitrary IDs with available UID 0?
Date: 08 Nov 2002 11:20:00 -0800
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2

Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de> writes:

> The doc says that you are allowed to create auth objects associated with any
> IDs if you have euid 0, and the code actually allows it even if only auid 0.
> 
> (Because isroot() uses isuid() and isuid() allows both).
> 
> Is the code wrong or the documentation?  I think we should fix the code.


It seems to me that it's much cleaner to fix the code, so that auids
are really *not* used for anything.





reply via email to

[Prev in Thread] Current Thread [Next in Thread]