From owner-freebsd-security Mon Jul 28 17:17:30 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id RAA15523 for security-outgoing; Mon, 28 Jul 1997 17:17:30 -0700 (PDT) Received: from netrail.net (netrail.net [205.215.10.3]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id RAA15509 for ; Mon, 28 Jul 1997 17:17:15 -0700 (PDT) Received: from localhost (jonz@localhost) by netrail.net (8.8.6/8.8.6) with SMTP id UAA02192; Mon, 28 Jul 1997 20:16:08 GMT Date: Mon, 28 Jul 1997 20:16:08 +0000 (GMT) From: "Jonathan A. Zdziarski" To: Vincent Poy cc: Nate Williams , Robert Watson , Tomasz Dudziak , security@freebsd.org, "[Mario1-]" , JbHunt Subject: Re: security hole in FreeBSD In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Actually if you kill the root httpd the others do die (or are supposed to) ------------------------------------------------------------------------- Jonathan A. Zdziarski NetRail Incorporated Server Engineering Manager 230 Peachtree St. Suite 500 jonz@netrail.net Atlanta, GA 30303 http://www.netrail.net (888) - NETRAIL ------------------------------------------------------------------------- On Mon, 28 Jul 1997, Vincent Poy wrote: :On Mon, 28 Jul 1997, Jonathan A. Zdziarski wrote: : :=)httpd and sessiond initially are run as root, before they spawn off into :=)separate processes. If you replace httpd and sessiond with your own code, :=)so that before it changes its uid and forks, you will get a root shell : : That's true too since even if you kill the first httpd, the other :processes don't die. : : :Cheers, :Vince - vince@MCESTATE.COM - vince@GAIANET.NET ________ __ ____ :Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] :GaiaNet Corporation - M & C Estate / / / / | / | __] ] :Beverly Hills, California USA 90210 / / / / / |/ / | __] ] :HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____] : :