Add InterfaceAttribute entries for some previleged functions
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
lsb |
In Progress
|
Medium
|
Unassigned | ||
Mandriva |
In Progress
|
Wishlist
|
Bug Description
Created attachment 1068 [details]
SQL to add some InterfaceAttribute entries
As was recently mentioned in bug #2166, we suggest to add some cpmments to the
InterfaceAttribute table for functions which require high privileges. The SQL
attached concerns the following rather clear cases:
reboot
swapon
swapoff
The SQL will also add entries for the following functions:
get_current_
getpass (obsolete; gnu docs suggest more reliable alternative)
rpmatch (not very useful/reliable)
malloc_usable_size (can be useful for debugging, but normally it's a bad
practice)
However, there are some functions that are used might require discussion. For
example, setres[ug]id, setfs[ug]id are used rather widely, though it seems that
they don't make much sense when called by unprivileged user.
iopl/ioperm also have slight usage.
Finally, we include adjtime which also require high privileges to change the
time. But we don't include adjtimex, and it would be strang to reject it with a
reason that it 'requires too much privileges'...
Changed in mandriva: | |
importance: | Unknown → Wishlist |
status: | Unknown → In Progress |