ssh setuid changes.
Darren Moffat
Darren.Moffat at Sun.COM
Wed Jun 12 04:17:31 EST 2002
>I'm still convinced that expressions as
>
> if (uid == 0)
>
>should be changed to a function call
>
> if (is_superuser (uid))
>
>which would allow to write platform dependent code in port-XXX.c
>instead of having the need for #ifdef's.
Taking it a step further the function could take an arugment that says why the
check is being done (bind to priveleged port, read a file I don't own) and
would setup the necessary privelege. This would allow systems that have fine
grained privelege to use it, a subsequent call would be made to drop the
privelege after it was no longer needed.
--
Darren J Moffat
More information about the openssh-unix-dev
mailing list