This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Fwd: Re: [RFC][PATCH] Add envvar IO_BUFMODE to forcibly set buffering mode
- From: Sunyeop Lee <sunyeop97 at gmail dot com>
- To: libc-alpha at sourceware dot org
- Date: Thu, 23 Mar 2017 10:01:41 +0900
- Subject: Fwd: Re: [RFC][PATCH] Add envvar IO_BUFMODE to forcibly set buffering mode
- Authentication-results: sourceware.org; auth=none
---------- Forwarded message ----------
From: Joseph Myers <joseph@codesourcery.com>
Date: 2017-03-23 3:11 GMT+09:00
Subject: Re: [RFC][PATCH] Add envvar IO_BUFMODE to forcibly set buffering mode
To: Sunyeop Lee <sunyeop97@gmail.com>
On Wed, 22 Mar 2017, Sunyeop Lee wrote:
> Thanks for comment. I'll write a documentation and tests. I understand it
> breaks standard semantics, but does it need to be disabled for setuid
> programs even if it's secure? Anyone already can force "line buffering
> mode" using pty even on setuid programs. I'm asking if it's possible to
> allow only forced "line buffering mode" for setuid programs instead of
> disabling it.
Consider the case of a setuid program accessing a file rather than stdin /
stdout / stderr, or invoking a non-setuid helper that does so or with
input / output redirected. It's only stdin/stdout/stderr that the caller
of a setuid program can make point to either a pty or file at their
choice.
--
Joseph S. Myers
joseph@codesourcery.com