Stefan Lambrev wrote: > Hi Bill, > > 韓家標 Bill Hacker wrote: >> Stefan Lambrev wrote: >>> Hi, >>> >> *snip* >> >>>> I will not be surprised if it occurs when building as an 'ordinary >>>> user' and does NOT occur when building as root.... >>>> >>>> BNL (BSD's Not Linux).... >>>> >> >>> I see something similar on all ports that have OPTIONS (make config). >>> Here is example (do this as user member of wheel, but not root): >>> >> >> Stop right there. '..NOT root'?? >> >> Why would I DO that? > You can do this by mistake for example. When you have 10 terminals > sometimes you did not pay enough attention are you root or not LOL! trust me to know that one! 50 years since I submitted my first card deck to a mainframe, but I did exactly that - twice, yet - in the last 24 hours.. Including EUID in the 'prompt' just need a hug and kiss, as I use several different shells... > Also you may want only to "read" what is the last configuration of a > port using: make config (not configure!) > and for this you do not have to be root( see permitions of /var/db/ports/) ACK. > Also it's a nice feature in FreeBSD ports, so I really do not know why > not to use it, as it's a feature, but not a bug. > ACK. > Anyway why or why not does not matter. > The only think that matter is that doing this trigger the bug in "su". > Bug that does not exist in 6.2-STABLE or before, and normally bugs are > exploited by users that are not root. > What Artem is seeing is not (yet) a 'bug' in su in my mind. MC is 'in the way' of getting accurate response (smells of the classical DOS 'pause' when in echo-off, and/or at a point in time when stdio is not connected to the VTTY in use). Unless/until mc is ether sorted or taken out of the loop, the result is not conclusive. IOW - I can reproduce the 'fail-to-complete and say so' easily enough in any CLI shell so far mentioned, but I cannot reproduce the 'quietly go away and hide' behaviour in a 'raw' shell. That doesn't mean that su is perfect. But I'd not waste an su coder's time on su so long as there is a lack of transparency / lack of proper error return in mc's script handling. Separate issue. > P.S. /usr/ports/Mk/ look for SU_CMD :) > And? Are you of the opinion that suexec-* et al can over-ride system security when invoked by a non-root EUID caller? I surely hope not... ;-) BillReceived on Thu Oct 18 2007 - 10:32:00 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:19 UTC