Warner Losh wrote in
<CANCZdfqNxuT1XT-En8-9+5+bdkGJz3fzpE-f2wZ1GdQ9thnU7w(a)mail.gmail.com>:
|On Thu, Jun 27, 2024, 6:07 AM Dan Cross <crossd(a)gmail.com> wrote:
|
|> On Thu, Jun 27, 2024 at 8:02 AM Peter Yardley
|> <peter.martin.yardley(a)gmail.com> wrote:
|>> OSX is Mach which has a BSD emulation layer. And BSD injected into the
|>> kernel.
|>>
|>> It doesn’t claim to be UNIX.
|>
|> Not true! It does: macOS is actually certified and registered as Unix.
|> It's my understanding that Apple paid a fair bit of money to make that
|> happen:
|> https://www.opengroup.org/openbrand/register/
|
|Indeed (can't authoritatively speak to the cost). FreeBSD has started
|getting a trickle of fixes to cope with the test suite compliance. Some are
|very test suite specific like checking to make sure argv[0] != NULL in some
|weird programs... some fix real problems though..
I think POSIX tries to create a sane environment..

  Early proposals required that the value of argc passed to main()
  be ``one or greater''. This was driven by the same
  requirement in drafts of the ISO C standard. In fact, historical
  implementations have passed a value of zero when no arguments
  are supplied to the caller of the exec functions. This
  requirement was removed from the ISO C standard and subsequently
  removed from this volume of POSIX.1-2024 as well. The wording,
  in particular the use of the word should, requires a Strictly
  Conforming POSIX Application to pass at least one argument to
  the exec function, thus guaranteeing that argc be one or greater
  when invoked by such an application. In fact, this is good
  practice, since many existing applications reference argv[0]
  without first checking the value of argc.

..whereas CVE-2021-4034 also caused FreeBSD commits like

  exit if invoked with invalid (zero) argc

  This was prompted by the recent pkexec vulnerability (CVE-2021-4034).
  This change is being made on general principle for setuid/setgid
  binaries and is not in response to an actual issue.

and, furthermore

  execve: disallow argc == 0

  The manpage has contained the following verbiage on the matter for just
  under 31 years:
  "At least one argument must be present in the array"
  Previous to this version, it had been prefaced with the weakening phrase
  "By convention."

  Carry through and document it the rest of the way. Allowing argc == 0
  has been a source of security issues in the past, and it's hard to
  imagine a valid use-case for allowing it. Toss back EINVAL if we ended
  up not copying in any args for *execve().

Man, .. also two and a half years, that one..
--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
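
The guard that the quoted commit subject "exit if invoked with invalid (zero) argc" describes, sketched as an added example; it is not part of this thread and is not FreeBSD's code. The helper names `check_argv` and `progname_or` and the fallback name "prog" are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (name is an assumption): returns 0 when the argument
 * vector is safe to index from argv[0], or -1 with errno = EINVAL. */
int check_argv(int argc, char *const argv[])
{
    if (argc < 1 || argv == NULL || argv[0] == NULL) {
        errno = EINVAL;
        return -1;
    }
    /* ISO C guarantees argv[argc] is a null pointer; a mismatch means
     * argc and argv disagree and neither can be trusted. */
    if (argv[argc] != NULL) {
        errno = EINVAL;
        return -1;
    }
    return 0;
}

/* Program name for diagnostics that never dereferences a missing argv[0]. */
const char *progname_or(int argc, char *const argv[], const char *fallback)
{
    const char *slash;

    if (check_argv(argc, argv) != 0 || argv[0][0] == '\0')
        return fallback;
    slash = strrchr(argv[0], '/');
    return (slash != NULL && slash[1] != '\0') ? slash + 1 : argv[0];
}

int main(int argc, char *argv[])
{
    /* First statement of main(), before any option parsing or argv access. */
    if (check_argv(argc, argv) != 0) {
        fprintf(stderr, "%s: invalid (zero) argc\n", progname_or(argc, argv, "prog"));
        return EXIT_FAILURE;
    }
    printf("%s: %d argument(s) after argv[0]\n", progname_or(argc, argv, "prog"), argc - 1);
    return EXIT_SUCCESS;
}
```

The check belongs at the very top of main() in setuid/setgid programs, since it still protects the binary on kernels whose execve() accepts an empty argument array.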