66917416dd
The problem here is setuid(euid) is used far too much. Since I removed many of these calls, and added no new ones, I do not think this weakens security. In fact, it quite likely improves it quite a bit, since access() is called as the real userid, and the file is opened for printing as the real userid rather than the (setuid-root) effective one. |
||
---|---|---|
.. | ||
Makefile | ||
lpr.1 | ||
lpr.c |