Date:      Mon, 1 Oct 2012 13:39:33 +0200
From:      Erik Cederstrand <erik@cederstrand.dk>
To:        Konstantin Belousov <kostikbel@gmail.com>
Cc:        "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>
Subject:   Re: Opinion on checking return value of setuid(getuid())?
Message-ID:  <2E17A82C-16D8-4DCD-86F0-93C28C5C4257@cederstrand.dk>
In-Reply-To: <20121001110805.GL35915@deviant.kiev.zoral.com.ua>
References:  <9DD86238-51C8-4F38-B7EB-BD773039888B@cederstrand.dk> <20121001104901.GJ35915@deviant.kiev.zoral.com.ua> <F81C009D-F993-4398-B377-D0B4A0ABA7E3@cederstrand.dk> <20121001110805.GL35915@deviant.kiev.zoral.com.ua>


On 01/10/2012 at 13:08, Konstantin Belousov <kostikbel@gmail.com> wrote:
> 
> I do not believe in the dreadful 'flood ping' security breach. Is a
> local escalation possible with non-dropped root ?

No idea. Reading the code, I see some functionality the author decided should only be accessible to root users. There's 600 lines of code left in main() and I'm not skilled enough to see if there are any potential exploits left.

If it's not a security breach then I'm on the wrong list, but I guess it still leads to unintended behavior if setuid() fails?

Erik
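
The checked form of the `setuid(getuid())` call discussed in this thread, as an added example that is not part of the original message or of the program under discussion. The helper name `drop_setuid_privileges` is hypothetical; the sketch assumes a set-user-ID binary that must stop rather than continue when the drop fails.

```c
/* Added example: fail-closed privilege drop for a set-user-ID program. */
#include <sys/types.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/*
 * Permanently drop set-user-ID privileges (hypothetical helper name).
 * Returns 0 when the process runs only as the invoking user,
 * -1 with errno set otherwise.
 */
int
drop_setuid_privileges(void)
{
	uid_t ruid = getuid();

	/* The call the thread is about: its return value is checked. */
	if (setuid(ruid) != 0)
		return (-1);

	/* Verify the result instead of trusting the return value alone. */
	if (geteuid() != ruid) {
		errno = EPERM;
		return (-1);
	}

	/* An unprivileged caller must not be able to get uid 0 back. */
	if (ruid != 0 && setuid(0) == 0) {
		errno = EPERM;
		return (-1);
	}
	return (0);
}

int
main(void)
{
	/* Fail closed: never run the rest of main() with leftover root. */
	if (drop_setuid_privileges() != 0) {
		fprintf(stderr, "cannot drop privileges: %s\n", strerror(errno));
		return (EXIT_FAILURE);
	}
	printf("running as uid %ld\n", (long)getuid());
	return (EXIT_SUCCESS);
}
```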
