#
# Distributed under the terms of the GNU General Public License v2
# $Header: $
#
# The Sane File System (sfperms) is an LD_PRELOAD module for
# security-minded people that hooks libc's chmod(), fchmod()
#
# Its goal is to remove group+other readable/writable bits on setuid
# files and remove the other readable/writable bits on setgid files
#
# This module was written for portage pre/post/ package builds and
# installations.
#
# Note: as an LD_PRELOAD hook it only affects dynamically linked
# programs that go through these libc calls; treat it as a build-time
# hardening aid, not as an enforcement boundary.
#
# Use at your own risk -
#
# Normal Compile:
#   make default
#
# Normal Syslog Compile:
#   Log everything
#   make CFLAGS="-D_USE_SYSLOG"
#
#   Or with syslog via env support
#   make CFLAGS="-D_USE_SYSLOG_ENV"
#
# Debug Compile:
#   make CFLAGS="-DEBUG -Wall"
#
# Examples In Use:
#
# chmod 4777 /bin/su ; ls -l /bin/su
# -rwsrwxrwx 1 root root 28528 Oct 6 14:51 /bin/su
#
# Now with the module loading
#
# LD_PRELOAD=$PWD/libsfperms.so chmod 4777 /bin/su ; ls -l /bin/su
# -rws--x--x 1 root root 28528 Oct 6 14:51 /bin/su
#
# Bugs:
#   setid scripts probably won't work.
#   But those should never be setid anyway.
#