Date: Mon, 21 Oct 1996 08:34:20 -0700 From: Jason Thorpe <thorpej@nas.nasa.gov> To: Jon Ribbens <jon@oaktree.co.uk> Cc: tech-userlevel@netbsd.org, freebsd-hackers@freefall.freebsd.org Subject: Re: setuid, core dumps, ftpd, and DB Message-ID: <199610211534.IAA10359@lestat.nas.nasa.gov>
next in thread | raw e-mail | index | archive | help
On Mon, 21 Oct 1996 13:06:11 +0100 (BST) Jon Ribbens <jon@oaktree.co.uk> wrote: > Charles M. Hannum wrote: > > * In the particular case of ftpd, if you've logged in as a user other > > than root, then your saved, real, and effective uids do not match, so > > the previous check we used to use (ruid != svuid || ruid != euid) > > would catch this. So, unless you're logged in as root, you'd be hard > > pressed to get ftpd to core dump. > > (except on 1.1, when it's easy) In which case you should either: * Upgrade to a more recent release, or * modify your kern_sig.c to perform the same check as NetBSD-current's kern_sig.c. Jason R. Thorpe thorpej@nas.nasa.gov NASA Ames Research Center Home: 408.866.1912 NAS: M/S 258-6 Work: 415.604.0935 Moffett Field, CA 94035 Pager: 415.428.6939
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610211534.IAA10359>