From owner-freebsd-security Wed Jun 7 5:45:22 2000
Date: Wed, 7 Jun 2000 15:45:12 +0300
From: Valentin Nechayev
To: freebsd-security@FreeBSD.ORG
Subject: Re: FreeBSDDEATH.c.txt (mmap dirty page no check bug)
Message-ID: <20000607154512.B82711@lucky.net>
Reply-To: netch@lucky.net
References: <200006070424.e574Od303232@cwsys.cwsent.com>
In-Reply-To: <200006070424.e574Od303232@cwsys.cwsent.com>; from Cy.Schubert@uumail.gov.bc.ca on Tue, Jun 06, 2000 at 09:24:34PM -0700

Tue, Jun 06, 2000 at 21:24:34, Cy.Schubert wrote about "Re: FreeBSDDEATH.c.txt (mmap dirty page no check bug)":

> From a security standpoint there should be no world writable
> directories whatsoever, even with the sticky bit turned on, however in
> today's environment, given that compatibility with other unixes might
> be desirable, this may be unreasonable. At the very least root and
> semi-privileged accounts, e.g. oracle, should absolutely never use a
> directory that other users can write to.

For one big security hole named Unix, it is true. FreeBSD is not an
exception. But it is simple to extend the existing interface, i.e., for
O_DONTFOLLOWMID and O_NOSPECIAL flags in open(), and disable most such
exploits without risk of a race condition. Of course, a full solution
should be more complicated.

> If anyone thinks I've contradicted myself in this note, my intention
> was to open the discussion to a wider range of possibilities than is
> currently being discussed. On one hand we have compatibility with
> other UNIX systems out there and in the other extreme we have a more
> secure solution. Then of course there's the middle ground, wherever
> that may be.

Well, and what is your alternative to /tmp/.X11-unix?

--
NVA
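
Added example, not part of the original message: the reply names O_DONTFOLLOWMID and O_NOSPECIAL without defining them. Assuming they mean "refuse symlinks" and "refuse non-regular files", the C code below approximates the final-component case in userland with the existing O_NOFOLLOW flag plus an fstat() on the open descriptor. The names open_regular_nofollow and selfcheck are hypothetical, and the test files are constructed in a temporary directory.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: open path only if its final component is a regular
 * file (no symlink, FIFO or device). The type check runs on the descriptor,
 * so the object cannot be swapped between check and use. O_NOFOLLOW guards
 * the last component only; directories earlier in the path are not covered.
 * Returns the fd, or -1 with errno set. */
int open_regular_nofollow(const char *path, int flags)
{
    struct stat st;
    /* O_NONBLOCK: never hang on a planted FIFO. O_NOCTTY: no tty adoption. */
    int fd = open(path, flags | O_NOFOLLOW | O_NONBLOCK | O_NOCTTY);
    if (fd < 0)
        return -1;              /* final component was a symlink, or absent */
    if (fstat(fd, &st) == 0 && S_ISREG(st.st_mode))
        return fd;
    close(fd);
    errno = EINVAL;             /* special file (or fstat failure) */
    return -1;
}

/* Self-check on constructed files in a fresh directory. Returns 0 when the
 * regular file opens and the symlink and FIFO are refused; bits flag errors. */
int selfcheck(void)
{
    char dir[] = "/tmp/openchk.XXXXXX", f[64], l[64], p[64];
    int bad = 0, fd;
    if (!mkdtemp(dir))
        return -1;
    snprintf(f, sizeof f, "%s/file", dir);
    snprintf(l, sizeof l, "%s/link", dir);
    snprintf(p, sizeof p, "%s/fifo", dir);
    fd = open(f, O_CREAT | O_EXCL | O_WRONLY, 0600);
    if (fd < 0 || symlink(f, l) < 0 || mkfifo(p, 0600) < 0) bad |= 8;
    if (fd >= 0) close(fd);
    if ((fd = open_regular_nofollow(f, O_RDONLY)) < 0) bad |= 1; else close(fd);
    if ((fd = open_regular_nofollow(l, O_RDONLY)) >= 0) { bad |= 2; close(fd); }
    if ((fd = open_regular_nofollow(p, O_RDONLY)) >= 0) { bad |= 4; close(fd); }
    unlink(f); unlink(l); unlink(p); rmdir(dir);
    return bad;
}

int main(void) { int r = selfcheck(); printf("selfcheck=%d\n", r); return r != 0; }
```

The open() itself still happens before the type check, so opening a device node can have side effects; a kernel-side flag of the kind the reply proposes would close that remaining gap.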