Date: Tue, 8 May 2001 15:28:16 +0300
From: Ruslan Ermilov
To: Kris Kennaway
Cc: audit@FreeBSD.ORG
Subject: Re: ping6 fixes

On Tue, May 08, 2001 at 04:03:48AM -0700, Kris Kennaway wrote:
[...]
> +
> + /* revoke root privilege */
> + seteuid(getuid());
> + setuid(getuid());
>
> /*
> optval = 1;

I still think seteuid() here is superfluous, but see below.

I've just checked that OpenBSD's setuid() behaves differently, as
mandated by recent POSIX specs. The differences are as follows:

In FreeBSD, the setuid() function sets the real and effective user IDs
and the saved set-user-ID of the current process to the specified
value, if the specified ID is equal to the real user ID or the
effective user ID of the process, or if the effective user ID is that
of the super user.

In OpenBSD, the behavior changes a little. The setuid() function
similarly sets the real and effective user IDs and the saved
set-user-ID of the current process to the specified value, if the
effective user ID is that of the super user, or if the specified user
ID is the same as the effective user ID. (Here follows the difference.)
If not, but the specified user ID is the same as the real user ID,
setuid() will set the effective user ID to the real user ID.

Under OpenBSD, the attached program succeeds:

seteuid() to the fake (12345) UID
setuid() to the real (1010) UID
seteuid() back to the saved (0) UID

Under FreeBSD, it fails with:

seteuid() to the fake (12345) UID
setuid() to the real (1001) UID
seteuid() back to the saved (0) UID
setuid: seteuid: Operation not permitted

Cheers,
-- 
Ruslan Ermilov      Oracle Developer/DBA,
ru@sunbay.com       Sunbay Software AG,
ru@FreeBSD.org      FreeBSD committer,
+380.652.512.251    Simferopol, Ukraine

http://www.FreeBSD.org  The Power To Serve
http://www.oracle.com   Enabling The Information Age
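
Review bot: the two added calls, seteuid(getuid()) and setuid(getuid()), ignore their return values, so if either fails ping6 continues with whatever effective UID it still holds. Check both and exit on failure, for example `if (setuid(getuid()) != 0) err(1, "setuid");`, and extend the comment to say which of the two calls is relied on to clear the saved set-user-ID, since the thread questions whether the seteuid() call is needed at all.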
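
Added example (not part of the original message, and not the attached program): a small C model of the two setuid() rules described above, replaying the test sequence and the patch's two calls on simulated credentials. The seteuid() rule and all names (m_seteuid, m_setuid, regain_root, saved_uid_after_patch) are assumptions made for this illustration.

```c
#include <stdio.h>

struct cred { int ruid, euid, svuid; };      /* real, effective, saved set-user-ID */
enum rule { FREEBSD_RULE, OPENBSD_RULE };    /* the two descriptions in the message */

/* Assumption (not from the message): non-root may set euid only to ruid or svuid. */
int m_seteuid(struct cred *c, int uid) {
    if (c->euid != 0 && uid != c->ruid && uid != c->svuid)
        return -1;                           /* models EPERM */
    c->euid = uid;
    return 0;
}

/* setuid() as the message describes it for each system. */
int m_setuid(struct cred *c, int uid, enum rule r) {
    int all = c->euid == 0 || uid == c->euid || (r == FREEBSD_RULE && uid == c->ruid);
    if (all) {
        c->ruid = c->euid = c->svuid = uid;  /* saved ID overwritten: no way back */
        return 0;
    }
    if (r == OPENBSD_RULE && uid == c->ruid) {
        c->euid = uid;                       /* saved set-user-ID is left alone */
        return 0;
    }
    return -1;
}

/* Test sequence from the message; returns the result of the final seteuid(0). */
int regain_root(enum rule r, int ruid) {
    struct cred c = { ruid, 0, 0 };          /* set-user-ID root start state */
    m_seteuid(&c, 12345);
    m_setuid(&c, ruid, r);
    return m_seteuid(&c, 0);
}

/* The quoted patch's two calls; returns the saved set-user-ID afterwards. */
int saved_uid_after_patch(enum rule r, int ruid) {
    struct cred c = { ruid, 0, 0 };
    m_seteuid(&c, ruid);
    m_setuid(&c, ruid, r);
    return c.svuid;
}

int main(void) {
    printf("OpenBSD rule, final seteuid(0): %d\n", regain_root(OPENBSD_RULE, 1010));
    printf("FreeBSD rule, final seteuid(0): %d\n", regain_root(FREEBSD_RULE, 1001));
    printf("saved uid after patch (FreeBSD rule): %d\n", saved_uid_after_patch(FREEBSD_RULE, 1001));
    return 0;
}
```

In this model the patch's seteuid()/setuid() pair clears the saved set-user-ID under both rules, because by the time setuid() runs the target already equals the effective UID.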