Date: Wed, 5 Feb 1997 15:53:16 -0600 (CST) From: "Thomas H. Ptacek" <tqbf@enteract.com> To: karl@Mcs.Net (Karl Denninger) Cc: tqbf@enteract.com, freebsd-security@freebsd.org Subject: Re: While we're on the subject... Message-ID: <199702052153.PAA06787@enteract.com> In-Reply-To: <199702052142.PAA15082@Jupiter.Mcs.Net> from "Karl Denninger" at Feb 5, 97 03:42:56 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> If euid != uid, then you're running SUID *NOW*. > If euid = 0, then you're running as root *NOW*. Saved credentials. Processes that temporarily suspend privilege are just as vulnerable as processes that maintain it. There's no good way to figure out exactly what your credentials are from within libc. ---------------- Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com] ---------------- "I'm standing alone, I'm watching you all, I'm seeing you sinking."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702052153.PAA06787>