From owner-freebsd-security Wed Feb 5 14:30:38 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id OAA17559 for security-outgoing; Wed, 5 Feb 1997 14:30:38 -0800 (PST) Received: from root.com (implode.root.com [198.145.90.17]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA17553 for ; Wed, 5 Feb 1997 14:30:36 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by root.com (8.7.6/8.6.5) with SMTP id OAA11775; Wed, 5 Feb 1997 14:30:31 -0800 (PST) Message-Id: <199702052230.OAA11775@root.com> X-Authentication-Warning: implode.root.com: Host localhost [127.0.0.1] didn't use HELO protocol To: Karl Denninger cc: tqbf@enteract.com, freebsd-security@freebsd.org Subject: Re: While we're on the subject... In-reply-to: Your message of "Wed, 05 Feb 1997 16:24:30 CST." <199702052224.QAA16588@Jupiter.Mcs.Net> From: David Greenman Reply-To: dg@root.com Date: Wed, 05 Feb 1997 14:30:31 -0800 Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >> >If euid != uid, then you're running SUID *NOW*. >> >If euid = 0, then you're running as root *NOW*. >> > >> >Why does it matter what you might have been sometime before? The issue is >> >what you are running as at the time the call is made, no? >> >> Programs that were once privileged might have read sensitive information >> into memory which could possibly be read out if some hole were exploited. >> >> -DG >> >> David Greenman >> Core-team/Principal Architect, The FreeBSD Project > >Sure, but you can't fix that without a flag in the process structure. Right, we have P_SUGID that indicates whenever a process might have been messing with uid/gid's. It's currently set more often than it needs to be, but this can/will be fixed. At the moment it's used for several things, preventing core dumps of processes with the flag set is one of them. -DG David Greenman Core-team/Principal Architect, The FreeBSD Project