Add more references.

diff --git a/ChangeLog b/ChangeLog
index f329cc83fdb6b0c34b8dffeed2152ebd2897eb1a..c065f8b86fed94c13e7fb30e0d15e45e905aeb90 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2009-06-11  Bruno Haible  <bruno@clisp.org>
+
+       * lib/idpriv.h: Add more references.
+
 2009-06-08  Bruno Haible  <bruno@clisp.org>
 
        Tests for module 'idpriv-droptemp'.

diff --git a/lib/idpriv.h b/lib/idpriv.h
index 906627b590e0fd8bccf42980875d6eba2d07d372..bfa83edfc94a4e5929cda64cdba3015ee5da5dee 100644 (file)
--- a/lib/idpriv.h
+++ b/lib/idpriv.h
@@ -72,9 +72,17 @@ extern "C" {
    you should better stay away from this approach.
  */
 
-/* For more in-depth discussion of these topics, see the paper
-   Hao Chen, David Wagner, Drew Dean: Setuid Demystified
-   <http://www.usenix.org/events/sec02/full_papers/chen/chen.pdf>  */
+/* For more in-depth discussion of these topics, see the papers/articles
+   * Hao Chen, David Wagner, Drew Dean: Setuid Demystified
+     <http://www.usenix.org/events/sec02/full_papers/chen/chen.pdf>
+   * Dan Tsafrir, Dilma da Silva, David Wagner: The Murky Issue of Changing
+     Process Identity: Revising "Setuid Demystified"
+     <http://www.eecs.berkeley.edu/~daw/papers/setuid-login08b.pdf>
+     <http://code.google.com/p/change-process-identity/>
+   * Dhruv Mohindra: Observe correct revocation order while relinquishing
+     privileges
+     <https://www.securecoding.cert.org/confluence/display/seccode/POS36-C.+Observe+correct+revocation+order+while+relinquishing+privileges>
+ */
 
 
 /* For approach 2.  */