From owner-freebsd-hackers  Sun Jul 25 22:15:39 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from kithrup.com (kithrup.com [205.179.156.40])
	by hub.freebsd.org (Postfix) with ESMTP
	id 095F114CC2; Sun, 25 Jul 1999 22:15:36 -0700 (PDT)
	(envelope-from sef@kithrup.com)
Received: (from sef@localhost)
	by kithrup.com (8.8.8/8.8.8) id WAA08897;
	Sun, 25 Jul 1999 22:13:33 -0700 (PDT)
	(envelope-from sef)
Date: Sun, 25 Jul 1999 22:13:33 -0700 (PDT)
From: Sean Eric Fagan <sef@kithrup.com>
Message-Id: <199907260513.WAA08897@kithrup.com>
To: jkoshy@FreeBSD.ORG
Cc: hackers@FreeBSD.ORG
Reply-To: hackers@FreeBSD.ORG
Subject: Re: deny ktrace without read permissions? 
References: Your message of "Sat, 24 Jul 1999 11:24:39 CST."
             <199907241724.LAA13835@mt.sri.com> 
Organization: Kithrup Enterprises, Ltd.
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In article <199907260450.VAA10559.kithrup.freebsd.hackers@freefall.freebsd.org> you write:
>Yes, but /if/ KTRACE is present, today's code allows you to bypass
>the lack of read permissions on an executable.  That shouldn't be
>allowed.  The current behaviour could be regarded as a security
>hole actually :).

No more so than core dumps do.

I vote strongly against this change.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message