From owner-cvs-all  Sat Jul  8 15:31:27 2000
Delivered-To: cvs-all@freebsd.org
Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31])
	by hub.freebsd.org (Postfix) with ESMTP
	id 2261C37B594; Sat,  8 Jul 2000 15:31:06 -0700 (PDT)
	(envelope-from des@flood.ping.uio.no)
Received: (from des@localhost)
	by flood.ping.uio.no (8.9.3/8.9.3) id AAA66825;
	Sun, 9 Jul 2000 00:30:58 +0200 (CEST)
	(envelope-from des@flood.ping.uio.no)
To: Mike Smith <msmith@FreeBSD.org>
Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/crypto/openssh sshd.c
References: <200007082230.PAA01325@mass.osd.bsdi.com>
From: Dag-Erling Smorgrav <des@flood.ping.uio.no>
Date: 09 Jul 2000 00:30:56 +0200
In-Reply-To: Mike Smith's message of "Sat, 08 Jul 2000 15:30:13 -0700"
Message-ID: <xzpd7ko9rvj.fsf@flood.ping.uio.no>
Lines: 13
User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Mike Smith <msmith@FreeBSD.org> writes:
> > Well, for starters, /proc might not be mounted, and an 3v1l h4xx0r
> > might be able to trick a root-owned process into creating
> > /proc/curproc/file.
> At which point about a billion other security holes are also opened.  
> Your argument holds equally well for suggesting that "secure" programs 
> should never read configuration files either.

Agreed; I withdraw my objections.

DES
-- 
Dag-Erling Smorgrav - des@flood.ping.uio.no


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message