Date: Sun, 10 Aug 1997 10:51:27 +0000 (GMT) From: Alfred Perlstein <perlsta@sunyit.edu> To: Eivind Eklund <perhaps@yes.no> Cc: hackers@FreeBSD.ORG Subject: Re: Fix for the PROCFS security hole! Message-ID: <Pine.BSF.3.96.970810104804.7529A-100000@server.local.sunyit.edu> In-Reply-To: <199708101539.RAA05202@bitbox.follo.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Well that seems to be the answer then, however i think that a program running as root should be able to modify it's child processes. I'd love to write it but i'm not sure if i know enough about it... ._________________________________________ __ _ |Alfred Perlstein - Programming & SysAdmin |perlsta@sunyit.edu |http://www.cs.sunyit.edu/~perlsta : ---"Have you seen my FreeBSD tatoo?" ' On Sun, 10 Aug 1997, Eivind Eklund wrote: > > > > > > I'm not to sure how to do it, but IF the procfs system could be modified > > to somehow act like the /dev/tty* system, where the second a user > > logs on the device is then owned by them and all other users access is > > revoked. This could work that a setuid proc when exec'd, procfs would > > automatically change permissions on it so that it is untainable. > > Possibly. It seems somewhat difficult, though, as when you have a > file-descriptor I believe the access is only checked the moment you > open the file, not on each access. Thus, you can e.g. drop root > privileges after having bound to a privileged port. > > It might be possible to hack only procfs to actually do that checking, > though. Seems the most feasible way to solve this. > > Eivind. >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.970810104804.7529A-100000>