On Sat, Jun 17, 2006 at 01:56:45AM -0500, Jolan Luff wrote:
> On Sat, Jun 17, 2006 at 06:00:27AM +0200, Tobias Ulmer wrote:
> > <snip>
> >
> > While I like this tool well, the attitude of the main developer
> > regarding security issues is very disturbing. (The bugtracker of the
> > project and securityfocus are a good read on that)
> >
> > My question is, should we bother and fix these issues? I have some but
> > by far not all patches ready. The sad part of it is that most won't
> > make it back into cscope...
> >
> > IMHO, cscope could as well be 'cvs rm -f'ed
>
> I would hope people aren't running it only as root on multi-user systems.
> I don't really view cscope as high risk software. I know of at least
> two OpenBSD developers who use cscope regularly, so it'd certainly be
> better to keep it around. We typically don't like to maintain large
> patchsets in the ports tree. Maybe just fix the temp file problem and
> some of the other big issues so you can sleep better at night? Or work
> with the cscope guys and tell them how to roll their own snprintf
> function for DOS. Or if you're really dedicated, finish your patchset
> and fork cscope ;)
I disagree. User-level security is very important; of course, root compromise is still the worst that can happen, but if people use su or sudo - and many do - user-level access is uncomfortably close to root-level access. Plus, all my data is in my user-level account, and I wouldn't like to have it all removed, even if I am one of the few people on this earth with a working backup.

Of course, after all this whining, I don't use cscope and I am not planning on forking it to fix the problems. But marking it broken might be a good idea.

Joachim