Date: Wed, 24 Mar 2004 22:52:27 +0100
From: Rafal Skoczylas
To: freebsd-current@freebsd.org
Subject: Re: [UFS] Broken suiddir? (+patch)
Message-ID: <20040324215226.GA30596@secprog.org>
References: <20040323223020.GA2931@secprog.org> <20040324130129.A93167@alpha.siliconlandmark.com>
In-Reply-To: <20040324130129.A93167@alpha.siliconlandmark.com>
List-Id: Discussions about the use of FreeBSD-current

On Wed, Mar 24, 2004 at 01:21:49PM -0500, Andre Guibert de Bruet wrote:
> On Tue, 23 Mar 2004, Rafal Skoczylas wrote:
> > Additionally, would someone be so kind to describe the risk caused by using
> > SUIDDIR (mentioned in man) in more detail? Is there any "hidden" risk
> > except those obvious (like created files that look like if someone else
> > created them)? I tried searching Google for such information but with
> > no luck so far.
>
> Imagine a scenario where a user uploads via SMB a Windows executable and
> another trojans it. User 1 has no idea that the file has been tampered
> with and runs it. You've got yourself a problem.

Well, actually this is what I meant saying "obvious risk", i.e. you have
no clue who created the file and so on and so forth.

What I would like to know is whether there exists any known issue, e.g. a
race condition in the kernel (or something like that), i.e. something that
poses risk to the system but cannot be thought of because of the nature of
the problem (e.g. there's some known "buggie" behavior that makes it risky
to use).

To be honest, I'd love to hear the only known risks are those which I call
"obvious" ;)

-- 
Rafal Skoczylas