add some notes about nosuid mounted file systems. suggested by deraadt@

ok deraadt@ millert@

1 files changed, 5 insertions, 1 deletions

diff --git a/lib/libc/sys/execve.2 b/lib/libc/sys/execve.2
index 86b4242f989..6e72e7711c2 100644
--- a/lib/libc/sys/execve.2
+++ b/lib/libc/sys/execve.2
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: execve.2,v 1.19 2002/07/16 01:41:39 deraadt Exp $
+.\"	$OpenBSD: execve.2,v 1.20 2003/03/10 22:51:53 tedu Exp $
 .\"	$NetBSD: execve.2,v 1.9 1995/02/27 12:32:25 cgd Exp $
 .\"
 .\" Copyright (c) 1980, 1991, 1993
@@ -157,6 +157,10 @@ the effective user ID is recorded as the saved set-user-ID,
 and the effective group ID is recorded as the saved set-group-ID.
 These values may be used in changing the effective IDs later (see
 .Xr setuid 2 ) .
+The set-user-ID and and set-group-ID bits have no effect if the
+new process image file is located on a file system mounted with
+the nosuid flag.
+The process will be started without the new permissions.
 .Pp
 The new process also inherits the following attributes from
 the calling process: