Date: Mon, 11 Aug 1997 15:31:58 -0400 (EDT)
From: Brian Mitchell <brian@firehouse.net>
To: Sean Eric Fagan <sef@Kithrup.COM>
Cc: ache@nagual.pp.ru, bde@zeta.org.au, current@FreeBSD.ORG, security@FreeBSD.ORG
Subject: Re: procfs patch
Message-ID: <Pine.BSI.3.95.970811153015.23837E-100000@shell.firehouse.net>
In-Reply-To: <199708111545.IAA08497@kithrup.com>

On Mon, 11 Aug 1997, Sean Eric Fagan wrote:

> >Just close the procfs file descriptors on exec?
>
> I thought about doing that. But I decided it was both too invasive, and too
> bothersome -- a root process would get its fd's closed, and it probably
> shouldn't.

Maybe not. If you are root and execute a setuid program, is P_SUGID set? I
would think not, but I have not checked.

>
> As I said, what I've got now should provide no more risks than dumping core
> does. Well, it allows for some greater control -- my truss program is not
> SUID root, and needs to be able to read process memory. But since the
> process should be owned by the user, I don't have a problem with it.
>
> Sean.
>

Now -- how about disallowing access if the binary is unreadable :)