From owner-freebsd-security  Mon Aug 11 15:46:19 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id PAA05528
          for security-outgoing; Mon, 11 Aug 1997 15:46:19 -0700 (PDT)
Received: from rocky.mt.sri.com (rocky.mt.sri.com [206.127.76.100])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id PAA05518
          for <security@freebsd.org>; Mon, 11 Aug 1997 15:46:13 -0700 (PDT)
Received: (from nate@localhost) by rocky.mt.sri.com (8.7.5/8.7.3) id QAA03222; Mon, 11 Aug 1997 16:45:50 -0600 (MDT)
Date: Mon, 11 Aug 1997 16:45:50 -0600 (MDT)
Message-Id: <199708112245.QAA03222@rocky.mt.sri.com>
From: Nate Williams <nate@mt.sri.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
To: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.pp.ru>
Cc: security@freebsd.org
Subject: Re: procfs patch
In-Reply-To: <Pine.BSF.3.96.970812014216.8334B-100000@lsd.relcom.eu.net>
References: <199708111911.MAA23776@kithrup.com>
	<Pine.BSF.3.96.970812014216.8334B-100000@lsd.relcom.eu.net>
X-Mailer: VM 6.29 under 19.15 XEmacs Lucid
Sender: owner-freebsd-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

=?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= writes:
> On Mon, 11 Aug 1997, Sean Eric Fagan wrote:
> 
> > Consider this:
> > 
> > 	you run suid program
> > 	it does some stuff, then sesetuid's to you
> > 	it then exec's a program, as you
> > 
> > You can make that last program core dump.  Got it?  It can core dump.  It
> > can core dump.  It can core dump.
> 
> At this point you just not make clear enough in your previous postings
> that _exec_ happens between setuid and core dump, it cause Marc's and my
> confusion.

RTFS.


Nate