Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 09 Jun 2000 06:48:36 -0700
From:      Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
To:        "Matthew B. Henniges" <matt@axl.net>
Cc:        freebsd-security@FreeBSD.ORG, dillon@apollo.backplane.com
Subject:   Re: FreeBSDDEATH.c.txt (mmap dirty page no check bug) 
Message-ID:  <200006091349.e59DnCf13738@cwsys.cwsent.com>
In-Reply-To: Your message of "Fri, 09 Jun 2000 03:03:02 EDT." <KBEAJDGMGMDNDPICHDNHAEPDFJAA.matt@axl.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
In message <KBEAJDGMGMDNDPICHDNHAEPDFJAA.matt@axl.net>, "Matthew B. 
Henniges" w
rites:
> And what of suid programs? Do they use the users tmp(and possible fall to
> symlink/race/whatever..)
> 
> or do they use a different one(roots?)
> 
> do suid programs all use roots /tmp, no matter who runs them?

Very good point.  SUID programs do inherit the parent's environment.

The wider and a couple of others have discussed here will require significant architecture changes to FreeBSD.  I think for now,

1.  Matt Dillon's suggestion of symlinking /var/tmp to /tmp on its own
    filesystem is the most secure option we have right now without
    gutting the whole system.  This should be committed to FreeBSD.
    (My apologies Matt for stomping all over you.  That was totally
    uncalled for.)

2.  The hlfs/amd option I advocate will suffer from what you discuss.
    Turning off SUID is not an option.

3.  A special "temporary" filesystem that would isolate users temporary
    filesystem address spaces from each other would be the ultimate
    solution, however I don't have enough FreeBSD kernel experience to
    tackle this -- if this was an MVS kernel, that would be another
    matter...


Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Team Leader, Sun/DEC Team   Internet:  Cy.Schubert@osg.gov.bc.ca
Open Systems Group, ITSD, ISTA
Province of BC




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200006091349.e59DnCf13738>