Date:      Wed, 5 Feb 1997 15:42:56 -0600 (CST)
From:      Karl Denninger  <karl@Mcs.Net>
To:        tqbf@enteract.com
Cc:        freebsd-security@freebsd.org
Subject:   Re: While we're on the subject...
Message-ID:  <199702052142.PAA15082@Jupiter.Mcs.Net>
In-Reply-To: <199702052042.OAA27560@enteract.com> from "Thomas H. Ptacek" at Feb 5, 97 02:42:07 pm

> 
> OpenBSD has the locale issue resolved reliably already.
> 
> OpenBSD supports issetugid().
> 
> Thus, I can tell, even when I'm deep in libc, if I was called from an SUID
> program. I can do that because execve() flipped a bit in my proc structure
> when it noticed that I was SUID.
> 
> This is a good thing. 
> 
> Meaningless UID checks probably aren't. Anything could have happened to my
> creds, depending on the programmer calling the library, and I have no way
> of determining what happened. 
> 
> What's holding FreeBSD up on supporting issetugid()? 
> 
> ----------------
> Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com]
> ----------------
> "I'm standing alone, I'm watching you all, I'm seeing you sinking."

If euid != uid, then you're running SUID *NOW*.
If euid = 0, then you're running as root *NOW*.

Why does it matter what you might have been sometime before?  The issue is
what you are running as at the time the call is made, no?

--
-- 
Karl Denninger (karl@MCS.Net)| MCSNet - The Finest Internet Connectivity
http://www.mcs.net/~karl     | T1's from $600 monthly to FULL DS-3 Service
			     | 99 Analog numbers, 77 ISDN, Web servers $75/mo
Voice: [+1 312 803-MCS1 x219]| Email to "info@mcs.net" WWW: http://www.mcs.net/
Fax:   [+1 773 248-9865]     | 2 FULL DS-3 Internet links; 400Mbps B/W Internal
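
An added example, not part of either message and not taken from any BSD source: a simplified C model of the credential state this thread discusses, comparing the uid-based test from the reply with an exec-time flag like the one the quoted text attributes to issetugid(). The struct, the function names, the uid values and the reduced setuid() semantics are all assumptions made for illustration.

```c
#include <stdio.h>

/* Hypothetical, simplified model of process credentials; not kernel code. */
struct proc_model {
    unsigned ruid, euid, svuid; /* real, effective, saved uid */
    int sugid;                  /* the bit execve() flips for a set-id file */
};

/* execve() of a setuid file: take the owner's uid and mark the process. */
static void model_execve(struct proc_model *p, unsigned owner, int setuid_bit)
{
    if (setuid_bit) { p->euid = p->svuid = owner; p->sugid = 1; }
}

/* Assumed BSD-style setuid(): allowed for root, or when uid matches the
 * real or effective uid; sets all three ids. The mark is left untouched. */
static int model_setuid(struct proc_model *p, unsigned uid)
{
    if (p->euid != 0 && uid != p->ruid && uid != p->euid)
        return -1;
    p->ruid = p->euid = p->svuid = uid;
    return 0;
}

/* The test from the reply: euid != uid, or euid == 0. */
static int uid_test(const struct proc_model *p)
{
    return p->euid != p->ruid || p->euid == 0;
}

/* The test from the quoted text: was the bit set at exec time? */
static int flag_test(const struct proc_model *p) { return p->sugid; }

/* Constructed case: uid 1001 runs a file set-uid to `owner`; the program
 * calls setuid(geteuid()) and only then calls into a library. */
static struct proc_model scenario(unsigned owner)
{
    struct proc_model p = { 1001, 1001, 1001, 0 };
    model_execve(&p, owner, 1);
    model_setuid(&p, p.euid);
    return p;
}

int main(void)
{
    for (unsigned owner = 0; owner <= 13; owner += 13) { /* constructed uids */
        struct proc_model p = scenario(owner);
        printf("owner=%u uid_test=%d flag_test=%d\n", owner, uid_test(&p), flag_test(&p));
    }
}
```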


