From owner-freebsd-security Wed Feb 7 07:44:56 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id HAA07729 for security-outgoing; Wed, 7 Feb 1996 07:44:56 -0800 (PST) Received: from halloran-eldar.lcs.mit.edu (halloran-eldar.lcs.mit.edu [18.26.0.159]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id HAA07724 for ; Wed, 7 Feb 1996 07:44:53 -0800 (PST) Received: by halloran-eldar.lcs.mit.edu; (5.65/1.1.8.2/19Aug95-0530PM) id AA19509; Wed, 7 Feb 1996 10:44:17 -0500 Date: Wed, 7 Feb 1996 10:44:17 -0500 From: "Garrett A. Wollman" Message-Id: <9602071544.AA19509@halloran-eldar.lcs.mit.edu> To: Michael Smith Cc: security@freebsd.org Subject: SS_PRIV, SIOCSIFADDR and rshd In-Reply-To: <199602071110.VAA10492@genesis.atrad.adelaide.edu.au> References: <199602071110.VAA10492@genesis.atrad.adelaide.edu.au> Sender: owner-security@freebsd.org Precedence: bulk < said: > Anyone in a position to comment on this? I can't see anything obvious that > resets SS_PRIV (or any of the socket state attributes) on either exec or > set*id... Not a problem for the case of rshd. Our rshd always uses pipes to talk to the inferior process. It's worth thinking about; I'll cons up a new setsockopt today to fix the problem in the general case (at least for inetd). -GAWollman -- Garrett A. Wollman | Shashish is simple, it's discreet, it's brief. ... wollman@lcs.mit.edu | Shashish is the bonding of hearts in spite of distance. Opinions not those of| It is a bond more powerful than absence. We like people MIT, LCS, ANA, or NSA| who like Shashish. - Claude McKenzie + Florent Vollant