From: Eitan Adler
Date: Tue, 2 Oct 2012 10:45:34 -0400
To: Erik Cederstrand
Cc: Konstantin Belousov, "freebsd-security@freebsd.org"
Subject: Re: Opinion on checking return value of setuid(getuid())?

On 2 October 2012 08:38, Erik Cederstrand wrote:
> On 01/10/2012 at 13.55, Eitan Adler wrote:
>
>> On 1 October 2012 07:08, Konstantin Belousov wrote:
>>> I do not believe in the dreadful 'flood ping' security breach. Is a
>>> local escalation possible with non-dropped root?
>>
>> It is clearly a local escalation: a non-root user can do something
>> which was intended only for root. It is a different question how
>> serious the breach is.
>
> Are there any objections to the path I attached in my first post? To the
> approach in general? If not, I'll send a PR so it doesn't get lost.

Not by me. Please cc me on the PR as I'll commit if no one else objects.

-- 
Eitan Adler