Theo de Raadt: > I've been told that vmailer calls issetugid() for similar reasons (if > it exists, which means OpenBSD or FreeBSD, though the FreeBSD > semantics are a tiny little bit different). (Wietse helped me clean > up the man page). This is correct (and thanks for acking my little contribution). Although no VMailer program is set-uid or set-gid itself, some programs might be called from one that is set-uid/set-gid, and therefore I attempt to take proper precautions. Just trying to stay abreast of the next couple waves of "new" security holes :-) Wietse PS. Yes, I know www.vmailer.org is down. I'll see what I can do.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:03:24 PDT