Date: Mon, 4 Aug 1997 16:51:41 +1000 From: Bruce Evans <bde@zeta.org.au> To: security@freebsd.org, sef@Kithrup.COM Subject: Re: Proposed alternate patch for the rfork vulnerability Message-ID: <199708040651.QAA08668@godzilla.zeta.org.au>
next in thread | raw e-mail | index | archive | help
>I haven't looked at the rfork code extensively... I should. However, >something similar to the following should be done for every shared resource >that might be inhereted across a fork. (However, what are those? Looking at I think exec should just fail if it can't honour setuid'ness. For ptrace it is OK to turn off the trace bit and succeed, since tracing is unlikely to be essential to the operation of the new process image, but ignoring the setuid bit or changing the resources may affect operation. Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199708040651.QAA08668>