[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: The patch of glibc which allows the user to override the pfinet serv
From: |
olafBuddenhagen |
Subject: |
Re: The patch of glibc which allows the user to override the pfinet server |
Date: |
Thu, 10 Jul 2008 19:17:53 +0200 |
User-agent: |
Mutt/1.5.18 (2008-05-17) |
Hi,
On Wed, Jul 09, 2008 at 02:02:18PM +0200, zhengda wrote:
> I also write a SHELL script "runwithpfinet" to set the environment
> variables and run the command provided by the user.
[...]
> It works in most of cases. but it doesn't work with "ping" when the
> user execute "runwithpfinet 1 ping www.google.com". "ping" still uses
> the default pfinet server. The main reason, I think, is that "ping"
> has a sticky bit. When the user runs it, it gets the privilege of
> root, and meanwhile, the environment variables are changed. Does
> anyone has any ideas to fix the problem?
This is perfectly correct behaviour. If it could be "fixed", that would
actually mean there is a serious security problem -- the user has no
business meddling with the execution environment of a program running as
root!
-antrik-