Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 24 Mar 2004 22:52:27 +0100
From:      Rafal Skoczylas <nils@secprog.org>
To:        freebsd-current@freebsd.org
Subject:   Re: [UFS] Broken suiddir? (+patch)
Message-ID:  <20040324215226.GA30596@secprog.org>
In-Reply-To: <20040324130129.A93167@alpha.siliconlandmark.com>
References:  <20040323223020.GA2931@secprog.org> <20040324130129.A93167@alpha.siliconlandmark.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Mar 24, 2004 at 01:21:49PM -0500, Andre Guibert de Bruet wrote:
> On Tue, 23 Mar 2004, Rafal Skoczylas wrote:
> > Additionaly, would someone be so kind to describe the risk caused by using
> > SUIDDIR (mentioned in man) in more detail? Is there any "hidden" risk
> > except those obvious (like created files that look like if someone else
> > created them)? I tried searching google for such information but with
> > no luck so far.
> Imagine a scenario where a user uploads via SMB a windows executable and
> another trojans it. User 1 has no idea that the file has been tampered
> with and runs it. You've got yourself a problem.

Well, actually this is what I meant saying "obvious risk", i.e. you have
no clue who created the file and so on and so forth.

What I would like to know is whether there exists any known issue eg. race
condition in the kernel (or something like that) i.e. something that poses
risk to the system but cannot be thought of because of the nature of the
problem (eg. there's some known "buggie" behavior that makes it risky to
use). To be honest, I'd love to hear the only known risks are those which
I call "obvious" ;)

-- 
Rafal Skoczylas



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040324215226.GA30596>