Date: Mon, 4 Aug 1997 13:00:27 -0500 (CDT) From: "Thomas H. Ptacek" <tqbf@enteract.com> To: bde@zeta.org.au (Bruce Evans) Cc: bde@zeta.org.au, tqbf@enteract.com, security@FreeBSD.ORG, sef@Kithrup.COM Subject: Re: Proposed alternate patch for the rfork vulnerability Message-ID: <199708041800.NAA07897@enteract.com> In-Reply-To: <199708041753.DAA05901@godzilla.zeta.org.au> from "Bruce Evans" at Aug 5, 97 03:53:05 am
next in thread | previous in thread | raw e-mail | index | archive | help
> Losing the shared descriptor table on exec is also useless. If the > table is shared then you probably want it to continue to be shared. > This only causes security problems in the setuid case. We're on the same side. The issue has already been resolved; the exact same type of problem (relations between processes that allow one to manipulate the other) was addressed with ptrace(). The solution was to ignore SUID and maintain the ptrace flag, while allowing the execve() to succeed. I don't see why FreeBSD has (apparently) decided to address this issue in a different manner, especially because they are now using an rfork() implementation that is incompatible with OpenBSD's. ---------------- Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com] ---------------- "If you're so special, why aren't you dead?"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199708041800.NAA07897>