
On 12/4/10 14:35, Riad S. Wahby wrote:
> "Edward Z. Yang" wrote:
>> There are many setuid binaries to non-root users, so getuid() != geteuid()
>> would probably make more sense, though I'm not 100% sure it has all the
>> correct security properties.
>
> Might as well throw in getegid() != getgid() for good measure.
>
> Another issue with this: in the next couple of years it looks like Fedora
> and Ubuntu will both be going towards filesystem capabilities instead of
> suid. If access to +RTS is restricted for suid binaries, it should probably
> also be restricted for binaries with elevated capabilities.

Yes to both. And on Windows I wonder if it makes sense to try to detect that
a program is running with restricted permissions (lack of membership in
certain groups) and likewise restrict use of runtime options. (I don't think
there's anything like setuid, though, and it probably makes no sense to try
to detect that someone installed the program as a service running as LSA or
used RunAs.)

-- 
brandon s. allbery     [linux,solaris,freebsd,perl]      allbery@kf8nh.com
system administrator [openafs,heimdal,too many hats] allbery@ece.cmu.edu
electrical and computer engineering, carnegie mellon university      KF8NH
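As an added example (not code from this thread or from GHC's runtime), here is the check the three messages above converge on, written in C. The decision is kept in a pure function, `rts_options_restricted` (a hypothetical name), so the rule can be exercised without actually installing a setuid binary. It goes one step beyond the uid/gid comparisons the thread proposes: on Linux it also consults `getauxval(AT_SECURE)`, which the kernel sets at exec time for setuid, setgid and file-capability binaries alike, so it covers the fscaps case Riad raises and also the case where the program has already called setuid(geteuid()) before the check runs (the uids are then equal, but AT_SECURE is still set). On the BSDs and macOS the equivalent is `issetugid()`. Windows has no counterpart here, as the reply notes.

```c
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#ifdef __linux__
#include <sys/auxv.h>   /* getauxval(), AT_SECURE (glibc 2.16+) */
#endif

/*
 * Should command-line runtime options (+RTS ... -RTS) be refused?
 * Identities are passed in explicitly so the rule is testable.
 * secure_exec is the kernel's own verdict: AT_SECURE on Linux,
 * issetugid() on the BSDs and macOS. It is fixed at exec time, so it
 * survives a later setuid(geteuid()) that would make ruid == euid, and
 * on Linux it is also set for binaries carrying file capabilities.
 */
int rts_options_restricted(uid_t ruid, uid_t euid,
                           gid_t rgid, gid_t egid, int secure_exec)
{
    if (ruid != euid)   /* setuid to any user, root or not */
        return 1;
    if (rgid != egid)   /* setgid binaries (games, utmp, ...) */
        return 1;
    if (secure_exec)    /* fscaps, or privileges dropped before this ran */
        return 1;
    return 0;
}

/* Evaluate the rule for the running process. */
int current_process_restricted(void)
{
    int secure_exec = 0;
#if defined(__linux__)
    secure_exec = getauxval(AT_SECURE) != 0;
#elif defined(__FreeBSD__) || defined(__OpenBSD__) || \
      defined(__NetBSD__) || defined(__APPLE__)
    secure_exec = issetugid();
#endif
    return rts_options_restricted(getuid(), geteuid(),
                                  getgid(), getegid(), secure_exec);
}

/* Stand-alone demo: report whether +RTS would be honoured for this process. */
int main(void)
{
    int restricted = current_process_restricted();
    printf("ruid=%u euid=%u rgid=%u egid=%u -> +RTS %s\n",
           (unsigned)getuid(), (unsigned)geteuid(),
           (unsigned)getgid(), (unsigned)getegid(),
           restricted ? "refused" : "honoured");
    return 0;
}
```

Run the demo unprivileged, then once more after `chown root` and `chmod u+s` (or `setcap cap_net_raw+ep` on Linux) to see the verdict flip; the capability case is exactly the one the plain getuid()/geteuid() comparison misses.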