From: Konstantin Belousov
To: Erik Cederstrand
Cc: "freebsd-security@freebsd.org"
Date: Mon, 1 Oct 2012 14:08:05 +0300
Subject: Re: Opinion on checking return value of setuid(getuid())?
Message-ID: <20121001110805.GL35915@deviant.kiev.zoral.com.ua>

On Mon, Oct 01, 2012 at 12:58:41PM +0200, Erik Cederstrand wrote:
> On 01/10/2012 at 12.49, Konstantin Belousov wrote:
>
> > setuid() might also fail for other reasons, e.g. due to custom MAC module.
> >
> > In case of ping, is the failure of dropping the suid bit important?
>
> I believe it is. If 'setuid()' fails then 'uid' becomes 0 and it's possible e.g. to do a "Flood ping".

I do not believe in the dreadful 'flood ping' security breach. Is a local
escalation possible with non-dropped root?
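Added example, not part of the thread and not taken from FreeBSD's ping source: a checked privilege drop of the kind being debated above, which treats a failed setuid(getuid()) as an error and then confirms that root cannot be regained. The function name drop_suid_privilege is hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Permanently give up set-user-ID privilege (hypothetical helper).
 * Returns 0 when the process runs only with the invoking user's UID,
 * -1 when it may still hold the elevated UID.
 */
int
drop_suid_privilege(void)
{
	uid_t ruid = getuid();

	/* setuid() can fail, e.g. when a MAC policy denies the call. */
	if (setuid(ruid) != 0) {
		fprintf(stderr, "setuid(%lu): %s\n",
		    (unsigned long)ruid, strerror(errno));
		return (-1);
	}

	/* Do not trust the return value alone: check the effective UID. */
	if (geteuid() != ruid)
		return (-1);

	/* An unprivileged caller must not be able to switch back to root. */
	if (ruid != 0 && setuid(0) == 0)
		return (-1);

	return (0);
}

int
main(void)
{
	if (drop_suid_privilege() != 0) {
		fprintf(stderr, "refusing to continue with elevated UID\n");
		return (1);
	}
	printf("running as uid %lu\n", (unsigned long)geteuid());
	return (0);
}
```

When the invoking user is already root there is nothing to drop, so the regain check is skipped and the function returns 0.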