From: "Allen Smith"
Message-Id: <9809171619.ZM23712@beatrice.rutgers.edu>
Date: Thu, 17 Sep 1998 16:19:52 -0400
In-Reply-To: Alexandre Snarskii "Re: The 99,999-bug question: Why can you execute from the stack?" (Jul 20, 9:42am)
References: <199807200102.SAA07953@bubba.whistle.com> <199807200148.TAA07794@harmony.village.org> <9807192209.ZM23527@beatrice.rutgers.edu> <19980720173800.17978@nevalink.ru>
To: Alexandre Snarskii, Warner Losh
Subject: Re: The 99,999-bug question: Why can you execute from the stack?
Cc: security@FreeBSD.ORG

On Jul 20, 9:42am, Alexandre Snarskii (possibly) wrote:
>
> On Sun, Jul 19, 1998 at 10:09:29PM -0400, Allen Smith wrote:
> > I'd suggest adding anything executing with an effective uid of root;
> > keep in mind servers. I've actually worked on this with the
> > libparanoia's libc substitution, at least with the non-assembler ones;
> > I'll try to find the time to test soon whether this actually speeds
> > things up.
>
> Better approach is (every suid/sgid program) or ( euid == 0 ).
> Patch to libparanoia/stentry.c attached. ( You have no need to
> patch any other file - all checks are in stentry.c, others is just
> standard files from /usr/src/lib/libc, just calls to stentry.c functions
> added ).
> Patched libparanoia available at
> ftp://ftp.lexa.ru/pub/domestic/snar/libparanoia.1.1.tgz

Sorry about the delay on replying to this; I've been busy. While this
is a nicer way to do this in many ways, I am concerned about whether the
delay from calling the libparanoia checks is from the function call or
from what the function does. If the latter, fine; if the former, the
problem I was working on (avoiding the slowdown except when really
needed) still exists. Any idea which is the case? (Of course, there's
also the time taken in doing the issetugid and geteuid checks in either
case, whether one has them in the individual functions or in stentry.c.)
If need be, I'll try some profiling, but I'd prefer to avoid that if
someone already knows the answer.

Thanks,

-Allen

--
Allen Smith    easmith@beatrice.rutgers.edu