From owner-freebsd-hackers  Sun Jul 25 23:23:26 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49])
	by hub.freebsd.org (Postfix) with ESMTP id 63BD114ECB
	for <hackers@FreeBSD.ORG>; Sun, 25 Jul 1999 23:23:20 -0700 (PDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (harmony.village.org [10.0.0.6])
	by rover.village.org (8.9.3/8.9.3) with ESMTP id AAA63236
	for <hackers@FreeBSD.ORG>; Mon, 26 Jul 1999 00:22:53 -0600 (MDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id AAA37680 for <hackers@FreeBSD.ORG>; Mon, 26 Jul 1999 00:23:50 -0600 (MDT)
Message-Id: <199907260623.AAA37680@harmony.village.org>
To: hackers@FreeBSD.ORG
Subject: Re: deny ktrace without read permissions? 
In-reply-to: Your message of "Sun, 25 Jul 1999 22:48:52 PDT."
		<199907260548.WAA10899@kithrup.com> 
References: <199907260548.WAA10899@kithrup.com>  
Date: Mon, 26 Jul 1999 00:23:50 -0600
From: Warner Losh <imp@village.org>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <199907260548.WAA10899@kithrup.com> Sean Eric Fagan writes:
: if you care about security, you made the damned executable suid or
: sgid.  Then ktrace, ptrace, truss, and core dumps do not work.  Even
: if it simply does setuid(getruid()).

It also disables attacking the contents of the executable by
LD_LIBRARY_PATH....

Warner


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message