Path: utzoo!utgpu!watserv1!watmath!att!rutgers!cs.utexas.edu!yale!cmcl2!kramden.acf.nyu.edu!brnstnd
From: brnstnd@kramden.acf.nyu.edu (Dan Bernstein)
Newsgroups: comp.unix.internals
Subject: Re: Trojan Horses
Message-ID: <5238:Oct2322:14:3690@kramden.acf.nyu.edu>
Date: 23 Oct 90 22:14:36 GMT
References: <1990Oct18.121818.9956@athena.mit.edu> <19547:Oct1818:25:2690@kramden.acf.nyu.edu> <1885@necisa.ho.necisa.oz>
Organization: IR
Lines: 19

In article <1885@necisa.ho.necisa.oz> boyd@necisa.ho.necisa.oz (Boyd Roberts) writes:
> Always, always, always check the return values of system calls.

Of course. I check for every error I know how to handle. I put /*XXX*/
when there may be errors that I can't handle.

> It something has an error return you
> _must_ check for it.

And if something is not documented as returning error X, and there's no
logical reason to expect it to, and there's no good way to handle the
error if it does come up?

> Did it check what setuid() and setgid() returned?  How many of
> you check what those two return?  Anyone?

I do. See the pty source. You were saying?

---Dan