Date: Wed, 12 Aug 1998 21:41:06 -0600
From: Brett Glass <brett@lariat.org>
To: andrewr <andrewr@slack.net>
Cc: ben@efn.org, Garrett Wollman <wollman@khavrinen.lcs.mit.edu>, Marc Slemko <marcs@znep.com>, "Mark J. Taylor" <mtaylor@cybernet.com>, freebsd-security@FreeBSD.ORG
Subject: Re: Possible security "risk" in ftp client
Message-ID: <199808130341.VAA06765@lariat.lariat.org>
In-Reply-To: <Pine.NEB.3.96.980812233945.14086B-100000@brooklyn.slack.net>
References: <199808130258.UAA06194@lariat.lariat.org>

What fix to the kernel would be required? Since ps runs setuid, isn't a
restriction in ps sufficient? (It should be able to keep you from seeing
anything it doesn't want you to see, unless the parent process can grab
its file descriptors and do nasty things with them.)

--Brett

At 11:43 PM 8/12/98 -0400, andrewr wrote:
>
>On Wed, 12 Aug 1998, Brett Glass wrote:
>
>> Commit this, sez I. It looks good.
>
>Not so fast. Must fix kernel first, then do a patch to ps(1), which I
>have already done (including, testing to see if a pid is owned by the user
>checking, etc etc etc). I know someone that patched their kernel to fix
>this. I'll speak to them about a patch.
>
>Andrew
>
>>
>> --Brett