From owner-freebsd-security@FreeBSD.ORG  Mon Oct  1 11:56:00 2012
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id B664A1065672
	for <freebsd-security@freebsd.org>;
	Mon,  1 Oct 2012 11:56:00 +0000 (UTC)
	(envelope-from lists@eitanadler.com)
Received: from mail-pb0-f54.google.com (mail-pb0-f54.google.com
	[209.85.160.54])
	by mx1.freebsd.org (Postfix) with ESMTP id 7F89B8FC12
	for <freebsd-security@freebsd.org>;
	Mon,  1 Oct 2012 11:55:59 +0000 (UTC)
Received: by pbbrp8 with SMTP id rp8so8739067pbb.13
	for <freebsd-security@freebsd.org>;
	Mon, 01 Oct 2012 04:55:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=eitanadler.com; s=0xdeadbeef;
	h=mime-version:in-reply-to:references:from:date:message-id:subject:to
	:cc:content-type;
	bh=E1Pp68vcNXJbN8n0aWtplTD16OmfOnEtqInzAt89AVo=;
	b=KAJ+Tqzym99hQ4eCz7DYxU/xPreR8MXiX3F3Pa9h/FRTV3yOdYUJO6p4rObN+Ie0Zd
	5wzWBVRlcGafRUmL0ybkyOVmR/1jwmwWcFoAK6KwjWLs5MeSTtBmtxaYCSQ4CEkCvYpY
	FqnbwIQG6C4WCAZEoNAr934MXcR+8T5SbzhsI=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=google.com; s=20120113;
	h=mime-version:in-reply-to:references:from:date:message-id:subject:to
	:cc:content-type:x-gm-message-state;
	bh=E1Pp68vcNXJbN8n0aWtplTD16OmfOnEtqInzAt89AVo=;
	b=HTzDRoabc1cKXLEusRdKrj1MP4xEH8rTHOaAo1JPA2HMqr1YKed7NkEp6gSXrohKob
	zjoNkzXHmahfDLrNOCaW7BWncdQ5O52bfHUkvsKVS36b32xLK3azPXUjUeV9qD2WfLoY
	ZCr0S9YktNPRfkgxasbonDZN/xzJODFY5FP6lNNd5KthHHuYSfWk1asaB3sUlr6vex3b
	hGEcdLKC4CkFRoFE6TFn1/pbM2PiBcB2CUV54zXWhIGOF0XUgILpnztzaSjRGba+HKMB
	Ay2okIn7Rz97gBzbiY7RILLCeAs+kQHDdEIWbCvXqfohW4FYZrdK9ZzaedKA/KkY7Jfo
	vYpg==
Received: by 10.66.81.103 with SMTP id z7mr9773458pax.57.1349092559606; Mon,
	01 Oct 2012 04:55:59 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.66.190.164 with HTTP; Mon, 1 Oct 2012 04:55:29 -0700 (PDT)
In-Reply-To: <20121001110805.GL35915@deviant.kiev.zoral.com.ua>
References: <9DD86238-51C8-4F38-B7EB-BD773039888B@cederstrand.dk>
	<20121001104901.GJ35915@deviant.kiev.zoral.com.ua>
	<F81C009D-F993-4398-B377-D0B4A0ABA7E3@cederstrand.dk>
	<20121001110805.GL35915@deviant.kiev.zoral.com.ua>
From: Eitan Adler <lists@eitanadler.com>
Date: Mon, 1 Oct 2012 07:55:29 -0400
Message-ID: <CAF6rxgmKWfefr5tvM3-0PQM3EKWockkb8A4sCiyYekxs5b4fGA@mail.gmail.com>
To: Konstantin Belousov <kostikbel@gmail.com>
Content-Type: text/plain; charset=UTF-8
X-Gm-Message-State: ALoCoQkU/ld9En7lDwgmcECwREIuv0dvpPnmkQlEaml9cw/iqzlKzDWoAm2BvJeqChEtspHjf3Nt
Cc: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>,
	Erik Cederstrand <erik@cederstrand.dk>
Subject: Re: Opinion on checking return value of setuid(getuid())?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Oct 2012 11:56:00 -0000

On 1 October 2012 07:08, Konstantin Belousov <kostikbel@gmail.com> wrote:
> I do not believe in the dreadful 'flood ping' security breach. Is a
> local escalation possible with non-dropped root ?

It is clearly a local escalation: a non-root user can do something
which was intended only for root. It is a different question how
serious the breach is.



-- 
Eitan Adler