From owner-freebsd-security Mon Nov 18 12:42:34 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA10279 for security-outgoing; Mon, 18 Nov 1996 12:42:34 -0800 (PST)
Received: from quackerjack.cc.vt.edu (quackerjack.cc.vt.edu [198.82.160.250]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id MAA10268 for ; Mon, 18 Nov 1996 12:42:30 -0800 (PST)
Received: from sable.cc.vt.edu (sable.cc.vt.edu [128.173.16.30]) by quackerjack.cc.vt.edu (8.7.1/8.7.1) with SMTP id PAA01572; Mon, 18 Nov 1996 15:42:16 -0500 (EST)
Received: from alsatian.cslab.vt.edu (alsatian.cslab.vt.edu [198.82.184.11]) by sable.cc.vt.edu (8.6.12/8.6.12) with SMTP id PAA04565; Mon, 18 Nov 1996 15:42:15 -0500
Received: from husky.cslab.vt.edu by alsatian.cslab.vt.edu (5.65v3.2/1.1.10.5/18Sep96-0417PM) id AA15993; Mon, 18 Nov 1996 15:42:14 -0500
From: Jeff Aitken
Received: by husky.cslab.vt.edu (5.65v3.2/1.1.10.5/22Aug96-1216PM) id AA26448; Mon, 18 Nov 1996 15:42:13 -0500
Message-Id: <9611182042.AA26448@husky.cslab.vt.edu>
Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
To: Don.Lewis@tsc.tdk.com (Don Lewis)
Date: Mon, 18 Nov 1996 15:42:13 -0500 (EST)
Cc: freebsd-security@FreeBSD.org
In-Reply-To: <199611181935.LAA16011@salsa.gv.ssi1.com> from "Don Lewis" at Nov 18, 96 11:35:16 am
X-Mailer: ELM [version 2.4 PL25]
Content-Type: text
Sender: owner-security@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

Don Lewis writes:
> On Nov 18, 2:16pm, Adam Shostack wrote:
> } Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
> }
> } If network access went through the file system, then
> } chown smtp /dev/tcp/smtp would give us a known access control
> } mechanism, rather than trying to extend the process table.
>
> I think mapping network accesses into filesystem space is the way to
> go, but I don't know how to get the semantics right.

Am I mis-remembering things, or is this exactly the sort of thing the
portal filesystem is supposed to provide? I don't have my 4.4BSD book
handy, but I seem to recall reading about this kind of feature.

--
Jeff Aitken
jaitken@dimension.net