[2835] in Kerberos-V5-bugs
Re: krb5-libs/505: patch to make krb5 consistently use one set-effective-uid function
daemon@ATHENA.MIT.EDU (Evan Champion)
Thu Dec 4 21:51:15 1997
From: "Evan Champion" <evanc@synapse.net>
To: "Theodore Y. Ts'o" <tytso@MIT.EDU>
Cc: <krb5-bugs@MIT.EDU>, <gnats-admin@RT-11.MIT.EDU>, <krb5-prs@RT-11.MIT.EDU>
Date: Thu, 4 Dec 1997 21:50:41 -0500
>Many commercial operating systems are based on BSD 4.2 and BSD 4.3, and
>setreuid() is the "least common denominator interface". For CSRG to
>remove setreuid() (as I am told they did) was (a) arrogant, and (b)
>stupid. For BSDI to put it back, and but implement it incorrectly, is
>even worse....
It may have been arrogant and stupid, but that was what they did. From
their perspective, setreuid() is a deprecated function which has been
superceded by more sane ways of doing things (likewise for setruid(), which
was also dropped). Yes, they should have at least provided it as a compat
library, but they didn't, and now we have to live with the fallout.
>I'd call this a BSD/OS bug, and BSDI should fix it.
I'd call it a 4.4BSD bug, and yes BSDI should fix it, but there is more to
4.4BSD than BSDI. As I said, these functions are commonly broken up until
the more recent versions of _all_ the 4.4BSD's. For example, I think they
were only all working in FreeBSD 2.2, which can't be much more than a year
old. There must be an acceptable programmatic solution to this problem.
Evan
