Date: Wed, 19 Feb 1997 23:04:00 -0700 From: Warner Losh <imp@village.org> To: Marc Slemko <marcs@znep.com> Cc: Andrew Kosyakov <caseq@magrathea.chance.ru>, security@freebsd.org Subject: Re: Coredumps and setuids .. interesting.. Message-ID: <E0vxRbs-0006vF-00@rover.village.org> In-Reply-To: Your message of "Wed, 19 Feb 1997 14:32:13 MST." <Pine.BSF.3.95.970219142715.28954J-100000@alive.znep.com> References: <Pine.BSF.3.95.970219142715.28954J-100000@alive.znep.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.BSF.3.95.970219142715.28954J-100000@alive.znep.com> Marc Slemko writes: : OTOH, being paranoid is good except when it isn't and I don't see a huge : thing against Warner's suggestion. It may well be possible to find ways : other than core dumps to get access to the memory image through bugs in : ftpd. Or via the ptrace api, or via some new feature that someone adds to procfs that lets you attach to a process' address space, or any other number of other things which seem like a good idea at the time, but introduce more holes. Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0vxRbs-0006vF-00>