From owner-freebsd-current  Wed Nov  6  3: 9:21 2002
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E9FC037B406
	for <current@FreeBSD.ORG>; Wed,  6 Nov 2002 03:09:20 -0800 (PST)
Received: from harmony.village.org (rover.bsdimp.com [204.144.255.66])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 37CDC43E42
	for <current@FreeBSD.ORG>; Wed,  6 Nov 2002 03:09:20 -0800 (PST)
	(envelope-from imp@bsdimp.com)
Received: from localhost (warner@rover2.village.org [10.0.0.1])
	by harmony.village.org (8.12.3/8.12.3) with ESMTP id gA6B8spk093444;
	Wed, 6 Nov 2002 04:08:55 -0700 (MST)
	(envelope-from imp@bsdimp.com)
Date: Wed, 06 Nov 2002 04:08:40 -0700 (MST)
Message-Id: <20021106.040840.44734873.imp@bsdimp.com>
To: kientzle@acm.org
Cc: flynn@energyhq.homeip.net, morganw@chemikals.org,
	current@FreeBSD.ORG
Subject: Re: libc size
From: "M. Warner Losh" <imp@bsdimp.com>
In-Reply-To: <3DC6CB56.8090809@acm.org>
References: <3DC1AB26.5020708@acm.org>
	<20021103155858.3be6eda9.flynn@energyhq.homeip.net>
	<3DC6CB56.8090809@acm.org>
X-Mailer: Mew version 2.1 on Emacs 21.2 / Mule 5.0 (SAKAKI)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-current.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-current>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-current>
X-Loop: FreeBSD.ORG

In message: <3DC6CB56.8090809@acm.org>
            Tim Kientzle <kientzle@acm.org> writes:
: Several people have pointed out that FreeBSD has
: certain protections against LD_LIBRARY_PATH exploits,
: but there are still real questions here.  (Kernel
: races, possibly?)  Privilege elevation is an
: interesting idea, but tricky to audit.

There are no known issues in this area, and haven't been for a couple
of years now.  While this isn't proof, it is a compelling argument.
This isn't a real question, to be honest.  We've had dynamically
linked setuid/setgid programs for years.  The only issues have been in
the setuid/setgid code itself, not the dynamic linker.  Bugs of this
nature haven't really been a problem.

Warner

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message