Received: (from majordom@localhost) by hyperreal.com (8.8.5/8.8.5) id XAA13114; Thu, 19 Jun 1997 23:16:28 -0700 (PDT) Received: from twinlark.arctic.org (twinlark.arctic.org [204.62.130.91]) by hyperreal.com (8.8.5/8.8.5) with SMTP id XAA13066 for ; Thu, 19 Jun 1997 23:16:23 -0700 (PDT) Received: (qmail 29071 invoked by uid 500); 20 Jun 1997 06:24:50 -0000 Date: Thu, 19 Jun 1997 23:24:50 -0700 (PDT) From: Dean Gaudet To: new-httpd@apache.org Subject: Re: [PATCH] a different approach to setuid scripts In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: new-httpd-owner@apache.org Precedence: bulk Reply-To: new-httpd@apache.org I'm quite tired of the linux bashing. I know I'm one of the few people here who supports linux. Any kernel-based threads implementation has a tid to tid_specific_data mapping in addition to a pid to pid_specific_data mapping. It is trivial to put a uid into the tid_specific_data instead of the pid_specific_data. This is not heavy-weight at all. Of course it's not feasible to do this in a userland threads package. Dean On Thu, 19 Jun 1997, Marc Slemko wrote: > And the pessimistic would say that is because Linux's threads are too > heavy... > > On Wed, 18 Jun 1997, Dean Gaudet wrote: > > > Only linux that I know of allows threads to run as different uids. > > > > Dean > > > > On Wed, 18 Jun 1997, Marc Slemko wrote: > > > > > On Wed, 18 Jun 1997, Randy Terbush wrote: > > > > > > > > > > > He has chosen the path of setting effective UIDs, which was > > > > originally not acceptable. My feelings haven't changed much in that > > > > regard. Would someone else like to comment? > > > > > > > > > > Easy to do, lets you do a lot more (like access web pages as > > > different users, not just run scripts) but it ain't secure. It > > > would also probably tend to introduce too many hassles in a > > > threaded world, no? > > > > > > > > > >