From owner-freebsd-hackers Tue Jul 13 2:29:52 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from relay03.indigo.ie (relay03.indigo.ie [194.125.133.227])
	by hub.freebsd.org (Postfix) with SMTP id 4265F14EF1
	for ; Tue, 13 Jul 1999 02:29:39 -0700 (PDT)
	(envelope-from niall@pobox.com)
Received: (qmail 26161 messnum 46249 invoked from network[194.125.134.40/ts01-040.dublin.indigo.ie]); 13 Jul 1999 09:28:55 -0000
Received: from ts01-040.dublin.indigo.ie (HELO pobox.com) (194.125.134.40)
	by relay03.indigo.ie (qp 26161) with SMTP; 13 Jul 1999 09:28:55 -0000
Message-ID: <378B21EE.9E41D3E8@pobox.com>
Date: Tue, 13 Jul 1999 11:24:30 +0000
From: Niall Smart
X-Mailer: Mozilla 4.6 [en] (X11; I; FreeBSD 3.2-STABLE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: "Brian F. Feldman"
Cc: Sheldon Hearn , Doug , John Polstra , imp@village.org, hackers@FreeBSD.org
Subject: Re: a BSD identd
References:
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

"Brian F. Feldman" wrote:

> On Mon, 12 Jul 1999, Sheldon Hearn wrote:
> > On Sun, 11 Jul 1999 12:47:30 MST, Doug wrote:
> >
> > > Finally, Brian might want to search the bugtraq archives before
> > > he commits anything. There have been quite a few identd related
> > > discussions, and it would be points in our favor if we didn't come out
> > > with anything that had known exploits.

[snip]

>
> It's "out with the bad, in with the good." Pidentd code is pretty terrible.

Agreed, nobody wants a monstrosity of an ident daemon in the base system.

> The only security concerns with my code were wrt FAKEID, and those were
> mostly fixed (mostly meaning that a symlink _may_ be opened, but it won't
> be read.)

Your code is still insecure, I can still obtain 16 characters of the
first line of any file in the system just by symlinking to it. I don't
see how you expect your checks to defeat that.
What you should do is setgid && setuid to the user returned by
net.inet.tcp.getcred immediately after doing the sysctl. Or even better
take out this FAKEID stuff.

> If anyone wants to audit my code for security, I invite them to.
> But frankly, I highly doubt anyone will find anything to exploit.

Heh, famous last words.

> And, why would bugtraq advisories against other identds apply to my
> ident_stream service? This is an entirely different code base.

That doesn't matter, different programmers make the same mistakes and
assumptions when solving the same problem (there is research into the
effectiveness of N-way programming which shows this) and many attacks
are against subtle implementation mistakes which you may also make.

Regards,

Niall