Date:      Tue, 28 Oct 1997 00:00:21 -0700
From:      Dave Andersen <angio@angio.net>
To:        Terry Lambert <tlambert@primenet.com>
Cc:        Don.Lewis@tsc.tdk.com (Don Lewis), jamil@trojanhorse.ml.org, thorpej@nas.nasa.gov, freebsd-hackers@FreeBSD.ORG
Subject:   Re: Possible SERIOUS bug in open()? (Big time bug) 
Message-ID:  <199710280700.AAA06875@meowy.angio.net>
In-Reply-To: Your message of "Tue, 28 Oct 1997 04:08:00 GMT." <199710280408.VAA05972@usr08.primenet.com> 


> > I don't think administrators who remove "r" access to keep users
> > from copying executables would like this, since the users could
> > just switch to a copying program that uses mmap.
> 
> A user can just ctrl-\ the thing and get a core and "undump" it now.
> 
> If it's a net program, they can just download it.

  In reverse order:

   a) You'd most commonly do this to a program you wrote yourself to
      protect it from exploitation and/or examination, not for
      something you got off the net.

   b) Setuid programs haven't dumped core since the ftpd problem 
      a while ago.

> > In some environments it might not be acceptable to get even this much
> > access, so it might make sense to allow the administrator to disable
> > core file generation and the ability to attach a debugger if you don't
> > have "r" access.
> 
> Well, that's the next logical paranoid step, of course... ;-).

meowy /tmp >> gdb ./setuidme
...
GDB 4.16 (i386-unknown-freebsd),

./setuidme: Permission denied.

(gdb)

    -Dave


