From owner-cvs-all  Tue Apr 23  8:20:14 2002
Delivered-To: cvs-all@freebsd.org
Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153])
	by hub.freebsd.org (Postfix) with ESMTP
	id 4B81837B41A; Tue, 23 Apr 2002 08:20:06 -0700 (PDT)
Received: from madman.nectar.cc (madman.nectar.cc [10.0.1.111])
	by gw.nectar.cc (Postfix) with ESMTP
	id AF72265; Tue, 23 Apr 2002 10:20:05 -0500 (CDT)
Received: from madman.nectar.cc (localhost [IPv6:::1])
	by madman.nectar.cc (8.12.3/8.11.6) with ESMTP id g3NFK5FM028830;
	Tue, 23 Apr 2002 10:20:05 -0500 (CDT)
	(envelope-from nectar@madman.nectar.cc)
Received: (from nectar@localhost)
	by madman.nectar.cc (8.12.3/8.12.3/Submit) id g3NFK3NM028829;
	Tue, 23 Apr 2002 10:20:03 -0500 (CDT)
Date: Tue, 23 Apr 2002 10:20:03 -0500
From: "Jacques A. Vidrine" <nectar@FreeBSD.org>
To: Mike Barcroft <mike@FreeBSD.org>
Cc: Poul-Henning Kamp <phk@critter.freebsd.dk>,
	Garrett Wollman <wollman@lcs.mit.edu>,
	"M. Warner Losh" <imp@village.org>, cvs-committers@FreeBSD.org,
	cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/kern kern_descrip.c kern_exec.c src/sys/sys filedesc.h
Message-ID: <20020423152003.GB28750@madman.nectar.cc>
Mail-Followup-To: "Jacques A. Vidrine" <nectar@FreeBSD.org>,
	Mike Barcroft <mike@FreeBSD.org>,
	Poul-Henning Kamp <phk@critter.freebsd.dk>,
	Garrett Wollman <wollman@lcs.mit.edu>,
	"M. Warner Losh" <imp@village.org>, cvs-committers@FreeBSD.org,
	cvs-all@FreeBSD.org
References: <20020422160742.B8421@espresso.q9media.com> <78396.1019545495@critter.freebsd.dk> <20020423104722.D72727@espresso.q9media.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20020423104722.D72727@espresso.q9media.com>
User-Agent: Mutt/1.3.28i
X-Url: http://www.nectar.cc/
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

On Tue, Apr 23, 2002 at 10:47:22AM -0400, Mike Barcroft wrote:
> Doing the base system will be far easier than say changing all
> function declarations from K&R to ANSI C.  The 6 line check could
> easily be added to a common libc function, and one line function call
> added to the main() of every set[ug]id program.  I'm willing to do
> develop a patchset over the weekend.

I prefer

   do {
       fd = open("/dev/null", O_RDWR);
       if (fd < 0)
           exit(1);
   } while (fd < 3);
   close(fd);

but I've already added that to all setuid executables that will ever
run on FreeBSD -- even if they haven't been invented yet.
 
> As far as ports go, every port that relies on the standard file
> descriptors being open and doesn't check for them, is vulnerable to
> this exploit on almost every UNIX-like system including most versions
> of FreeBSD.  

See bugtraq Message-ID: <20020422222822.A27144@outpost.ds9a.nl> for a
different point of view.  (We seem to be one of the few unices left
that didn't already do this.)

Cheers,
-- 
Jacques A. Vidrine <n@nectar.cc>                 http://www.nectar.cc/
NTT/Verio SME          .     FreeBSD UNIX     .       Heimdal Kerberos
jvidrine@verio.net     .  nectar@FreeBSD.org  .          nectar@kth.se

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message