Date: Tue, 5 Aug 1997 02:58:51 +1000 From: Bruce Evans <bde@zeta.org.au> To: bde@zeta.org.au, tqbf@enteract.com Cc: security@FreeBSD.ORG, sef@Kithrup.COM Subject: Re: Proposed alternate patch for the rfork vulnerability Message-ID: <199708041658.CAA02664@godzilla.zeta.org.au>
next in thread | raw e-mail | index | archive | help
>> I think exec should just fail if it can't honour setuid'ness. For ptrace > >Why? What does this win? Conformance with the rfork man page: ! RFFDG If set, the invoker's file descriptor table (see intro(2) ! ) is copied; otherwise the two processes share a single ! table. !... ! File descriptors in a shared file descriptor table are kept open until ! either they are explicitly closed or all processes sharing the table ex- ! it. It doesn't say that exec turns off the sharing. Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199708041658.CAA02664>