From owner-freebsd-security Wed Aug 12 20:41:52 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA02666 for freebsd-security-outgoing; Wed, 12 Aug 1998 20:41:52 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from lariat.lariat.org (lariat.lariat.org [206.100.185.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA02654 for ; Wed, 12 Aug 1998 20:41:44 -0700 (PDT) (envelope-from brett@lariat.org) Received: (from brett@localhost) by lariat.lariat.org (8.8.8/8.8.6) id VAA06765; Wed, 12 Aug 1998 21:41:10 -0600 (MDT) Message-Id: <199808130341.VAA06765@lariat.lariat.org> X-Sender: brett@127.0.0.1 X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1.0.44 (Beta) Date: Wed, 12 Aug 1998 21:41:06 -0600 To: andrewr From: Brett Glass Subject: Re: Possible security "risk" in ftp client Cc: ben@efn.org, Garrett Wollman , Marc Slemko , "Mark J. Taylor" , freebsd-security@FreeBSD.ORG In-Reply-To: References: <199808130258.UAA06194@lariat.lariat.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org What fix to the kernel would be required? Since ps runs setuid, isn't a restriction in ps sufficient? (It should be able to keep you from seeing anything it doesn't want you to see, unless the parent process can grab its file descriptors and do nasty things with them.) --Brett At 11:43 PM 8/12/98 -0400, andrewr wrote: > > >On Wed, 12 Aug 1998, Brett Glass wrote: > >> Commit this, sez I. It looks good. > >Not so fast. Must fix kernel first, then do a patch to ps(1), which I >have already done (including, testing to see if a pid is owned by the user >checking, etc etc etc). I know someone that patched their kernel to fix >this. I'll speak to them about a patch. > >Andrew > > > >> >> --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message