[quake3] 'Remove Useless setuid code' ???
vincent at cojot.name
vincent at cojot.name
Sat Sep 3 12:19:04 EDT 2005
On Sat, 3 Sep 2005, Ludwig Nussel wrote:
>> It seems like the setuid is infact useless and related to that root
>> usually owns devices like that... I also seem to remember that id
>> discuraged ppl from running it setuid.. (i'm tired though so it might be
>> context leakage).
>
> It was not only useless but also dangerous. Q3 clearly is not
> designed to run setuid root plus the way it tried to drop the
> privileges was broken.
I Agree. Are we sure this code was only for Linux? I don't think it's
needed on Solaris or IRIX anyway either. I'm just glad to see that we are
having that discussion now.. :)
> I'd even remove the bit that tries to load libgl from the current
> directory. One can just as well set LD_LIBRARY_PATH="." to achieve
> that.
Agreed with that one too.. (most systems have a system-wide libGL these
days) but maybe we could comment it out in case someone needs to
re-activate it in the future.
Thanks for not flaming, btw.. :)
--
,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,
Vincent S. Cojot, Computer Engineering. STEP project. _.,-*~'`^`'~*-,._.,-*~
Ecole Polytechnique de Montreal, Comite Micro-Informatique. _.,-*~'`^`'~*-,.
Linux Xview/OpenLook resources page _.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'
http://step.polymtl.ca/~coyote _.,-*~'`^`'~*-,._ coyote at NOSPAM4cojot.name
They cannot scare me with their empty spaces
Between stars - on stars where no human race is
I have it in me so much nearer home
To scare myself with my own desert places. - Robert Frost
More information about the quake3
mailing list