Date: Fri, 13 Sep 2002 06:49:56 -0700 From: Terry Lambert <tlambert2@mindspring.com> To: Nate Lawson <nate@root.org> Cc: Garrett Wollman <wollman@lcs.mit.edu>, arch@freebsd.org, imp@freebsd.org, peter@freebsd.org Subject: Re: PATCH: vnode->v_tag to const char * Message-ID: <3D81ED04.C016B3B0@mindspring.com> References: <Pine.BSF.4.21.0209130039480.26024-100000@root.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Nate Lawson wrote: > For those just tuning in, if a set[ug]id program has /proc/mumble open on > fds 0-2, it's possible it could inadvertently write to them, causing a > crash. The check is_unsafe() in kern_descrip.c handles this case. > > I changed it to use VFCF_SYNTHETIC instead but that is not right -- > fdescfs and devfs (think: /dev/fd/*, /dev/tty) are also synthetic. And > what about portal ... ? > > What is the 'right' way to keep sugid programs from crashing the system > with open 0-2 fds? Hook 1 and 2, which are output fd's, to /dev/null, if you *must* have them open. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D81ED04.C016B3B0>