From owner-freebsd-security Wed Feb 5 13:54:04 1997
Return-Path:
Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id NAA14829 for security-outgoing; Wed, 5 Feb 1997 13:54:04 -0800 (PST)
Received: from enteract.com (root@enteract.com [206.54.252.1]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id NAA14823 for ; Wed, 5 Feb 1997 13:54:00 -0800 (PST)
Received: (from tqbf@localhost) by enteract.com (8.8.5/8.7.6) id PAA06787; Wed, 5 Feb 1997 15:53:58 -0600 (CST)
From: "Thomas H. Ptacek"
Message-Id: <199702052153.PAA06787@enteract.com>
Subject: Re: While we're on the subject...
To: karl@Mcs.Net (Karl Denninger)
Date: Wed, 5 Feb 1997 15:53:16 -0600 (CST)
Cc: tqbf@enteract.com, freebsd-security@freebsd.org
Reply-To: tqbf@enteract.com
In-Reply-To: <199702052142.PAA15082@Jupiter.Mcs.Net> from "Karl Denninger" at Feb 5, 97 03:42:56 pm
X-Mailer: ELM [version 2.4 PL24 ME8a]
Content-Type: text
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> If euid != uid, then you're running SUID *NOW*.
> If euid = 0, then you're running as root *NOW*.

Saved credentials. Processes that temporarily suspend privilege are just as
vulnerable as processes that maintain it. There's no good way to figure out
exactly what your credentials are from within libc.

----------------
Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com]
----------------
"I'm standing alone, I'm watching you all, I'm seeing you sinking."
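
The saved-credentials case raised above, as an added example that is not part of the original message: it compares the two quoted checks with a check that also looks at the saved user ID. It assumes getresuid(), which current Linux, FreeBSD and OpenBSD provide and which the message does not mention; the struct, the function names and the uid 1000 triples are constructed for illustration.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* glibc only exposes this prototype under _GNU_SOURCE, so declare it here;
   FreeBSD and OpenBSD already declare it in <unistd.h>. */
int getresuid(uid_t *ruid, uid_t *euid, uid_t *suid);

struct creds { uid_t ruid, euid, suid; };   /* hypothetical helper type */

/* The two tests quoted in the message: set-uid right now, or root right now. */
static int naive_is_privileged(const struct creds *c)
{
    return c->euid != c->ruid || c->euid == 0;
}

/* Also count a saved ID that differs from the real ID, or is 0, as privilege:
   the process can switch back to it with seteuid(). */
static int saved_aware_is_privileged(const struct creds *c)
{
    return naive_is_privileged(c) || c->suid != c->ruid || c->suid == 0;
}

/* Snapshot of this process's real, effective and saved user IDs. */
static int read_creds(struct creds *c)
{
    return getresuid(&c->ruid, &c->euid, &c->suid);
}

static void report(const char *label, const struct creds *c)
{
    printf("%-13s ruid=%lu euid=%lu suid=%lu naive=%d saved-aware=%d\n", label,
           (unsigned long)c->ruid, (unsigned long)c->euid, (unsigned long)c->suid,
           naive_is_privileged(c), saved_aware_is_privileged(c));
}

int main(void)
{
    /* Constructed triples; uid 1000 stands in for an ordinary user. */
    struct creds held      = { 1000, 0, 0 };       /* set-uid root, privilege held */
    struct creds suspended = { 1000, 1000, 0 };    /* after seteuid(getuid()) */
    struct creds dropped   = { 1000, 1000, 1000 }; /* after setuid(getuid()) */
    struct creds live;

    report("held", &held);
    report("suspended", &suspended);
    report("dropped", &dropped);
    if (read_creds(&live) == 0)
        report("this process", &live);
    return 0;
}
```

Group IDs need the same treatment through getresgid(); they are left out here to keep the comparison to one credential.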