From: Jason Thorpe
Date: Mon, 21 Oct 1996 08:34:20 -0700
To: Jon Ribbens
Cc: tech-userlevel@netbsd.org, freebsd-hackers@freefall.freebsd.org
Subject: Re: setuid, core dumps, ftpd, and DB
Reply-To: Jason Thorpe
Message-Id: <199610211534.IAA10359@lestat.nas.nasa.gov>

On Mon, 21 Oct 1996 13:06:11 +0100 (BST) Jon Ribbens wrote:

> Charles M. Hannum wrote:
> > * In the particular case of ftpd, if you've logged in as a user other
> > than root, then your saved, real, and effective uids do not match, so
> > the previous check we used to use (ruid != svuid || ruid != euid)
> > would catch this. So, unless you're logged in as root, you'd be hard
> > pressed to get ftpd to core dump.
>
> (except on 1.1, when it's easy)

In which case you should either:

  * Upgrade to a more recent release, or

  * modify your kern_sig.c to perform the same check as NetBSD-current's
    kern_sig.c.

Jason R. Thorpe                                       thorpej@nas.nasa.gov
NASA Ames Research Center                               Home: 408.866.1912
NAS: M/S 258-6                                          Work: 415.604.0935
Moffett Field, CA 94035                                Pager: 415.428.6939
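
The uid check quoted in the message above, modelled in user space as an added example (not code from the thread or from NetBSD's kern_sig.c). The struct, the function names and uid 1001 are hypothetical, and it assumes ftpd starts as root and switches only its effective uid to the logged-in user.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>

/* Hypothetical model of a process's three user IDs (not the kernel's struct). */
struct cred_model {
    uid_t ruid;  /* real uid */
    uid_t euid;  /* effective uid */
    uid_t svuid; /* saved uid */
};

/* The predicate quoted in the thread; true means no core file is written. */
static bool core_dump_suppressed(const struct cred_model *c)
{
    return c->ruid != c->svuid || c->ruid != c->euid;
}

/* Assumption: ftpd starts with all three uids 0 and, after login,
 * changes only its effective uid to the user's. */
static struct cred_model ftpd_after_login(uid_t login_uid)
{
    struct cred_model c = { 0, 0, 0 };
    c.euid = login_uid;
    return c;
}

/* A set-uid-root program run by login_uid: real uid is the caller's,
 * effective and saved uids are the file owner's (root). */
static struct cred_model setuid_root_exec(uid_t login_uid)
{
    struct cred_model c = { login_uid, 0, 0 };
    return c;
}

static void report(const char *what, struct cred_model c)
{
    printf("%-28s ruid=%lu euid=%lu svuid=%lu -> core dump %s\n", what,
           (unsigned long)c.ruid, (unsigned long)c.euid, (unsigned long)c.svuid,
           core_dump_suppressed(&c) ? "suppressed" : "allowed");
}

int main(void)
{
    const uid_t user = 1001; /* constructed sample uid */
    report("ftpd, logged in as user", ftpd_after_login(user));
    report("ftpd, logged in as root", ftpd_after_login(0));
    report("set-uid-root program", setuid_root_exec(user));
    return 0;
}
```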