On 08/22/2013 11:59 AM, Tavis Ormandy wrote:
> Here is a related blog post on the topic
> http://blog.cmpxchg8b.com/2013/08/security-debianisms.html
>
> If you care about tracking vulnerabilities, the vmware issue is
> called CVE-2013-1662.
Do we nee

On Thu, Aug 22, 2013 at 09:59:36PM +0200, Harald van Dijk wrote:
> On 22/08/13 19:59, Tavis Ormandy wrote:
> > Hello, this is a patch to add privmode support to dash. privmode attempts to
> > drop privileges by default if the effective uid does not match the uid. This
> > can be disabled with -p, o

On Thu, Aug 22, 2013 at 1:35 PM, Jilles Tjoelker wrote:
> I think there is no reason to deviate from other shells here. Therefore,
> please call it "privileged".
>
Agreed.
>> In bash and FBSD, after starting with -p, set +p can be used to drop
>> privileges. With your patch, dash accepts set +p,

On Thu, Aug 22, 2013 at 12:59 PM, Harald van Dijk wrote:
> On 22/08/13 19:59, Tavis Ormandy wrote:
>> Hello, this is a patch to add privmode support to dash. privmode attempts to
>> drop privileges by default if the effective uid does not match the uid. This
>> can be disabled with -p, or -o nopri

On 22/08/13 19:59, Tavis Ormandy wrote:
> Hello, this is a patch to add privmode support to dash. privmode attempts to
> drop privileges by default if the effective uid does not match the uid. This
> can be disabled with -p, or -o nopriv.
Hi Tavis,
Your approach definitely has my support (FWTW),

Hello, this is a patch to add privmode support to dash. privmode attempts to
drop privileges by default if the effective uid does not match the uid. This
can be disabled with -p, or -o nopriv.
This matches the behaviour of bash since version 2.0 (released around 1996, see
section 7 of the bash NOT