From owner-freebsd-security  Mon Aug 11 14:46:50 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id OAA01891
          for security-outgoing; Mon, 11 Aug 1997 14:46:50 -0700 (PDT)
Received: from lsd.relcom.eu.net (ache@lsd.relcom.eu.net [193.124.23.23])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA01875;
          Mon, 11 Aug 1997 14:46:42 -0700 (PDT)
Received: (from ache@localhost)
	by lsd.relcom.eu.net (8.8.7/8.8.7) id BAA08850;
	Tue, 12 Aug 1997 01:46:33 +0400 (MSD)
Date: Tue, 12 Aug 1997 01:46:32 +0400 (MSD)
From: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.pp.ru>
X-Sender: ache@lsd.relcom.eu.net
To: Sean Eric Fagan <sef@Kithrup.COM>
cc: bde@zeta.org.au, current@FreeBSD.ORG, security@FreeBSD.ORG
Subject: Re: procfs patch
In-Reply-To: <199708111911.MAA23776@kithrup.com>
Message-ID: <Pine.BSF.3.96.970812014216.8334B-100000@lsd.relcom.eu.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Mon, 11 Aug 1997, Sean Eric Fagan wrote:

> Consider this:
> 
> 	you run suid program
> 	it does some stuff, then sesetuid's to you
> 	it then exec's a program, as you
> 
> You can make that last program core dump.  Got it?  It can core dump.  It
> can core dump.  It can core dump.

At this point you just not make clear enough in your previous postings
that _exec_ happens between setuid and core dump, it cause Marc's and my
confusion.

-- 
Andrey A. Chernov
<ache@null.net>
http://www.nagual.pp.ru/~ache/