From owner-freebsd-hackers Thu Oct 17 17:56:40 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id RAA13818 for hackers-outgoing; Thu, 17 Oct 1996 17:56:40 -0700 (PDT) Received: from genesis.atrad.adelaide.edu.au (genesis.atrad.adelaide.edu.au [129.127.96.120]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id RAA13810; Thu, 17 Oct 1996 17:56:34 -0700 (PDT) Received: from msmith@localhost by genesis.atrad.adelaide.edu.au (8.6.12/8.6.9) id KAA20694; Fri, 18 Oct 1996 10:25:31 +0930 From: Michael Smith Message-Id: <199610180055.KAA20694@genesis.atrad.adelaide.edu.au> Subject: Re: cvs commit: src/lib/libc/db/hash hash_buf.c To: guido@gvr.win.tue.nl (Guido van Rooij) Date: Fri, 18 Oct 1996 10:25:31 +0930 (CST) Cc: thorpej@nas.nasa.gov, phk@critter.tfs.com, guido@FreeBSD.org, freebsd-hackers@FreeBSD.org, tech-userlevel@netbsd.org In-Reply-To: <199610172004.WAA11623@gvr.win.tue.nl> from "Guido van Rooij" at Oct 17, 96 10:04:45 pm MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-hackers@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk Guido van Rooij stands accused of saying: > > > > > bzero'ing a hash buffer is not a complete solution to the problem, > > since the process may contain other potentially sensitive data > > in its address space. What you really want to do is protect > > the cores. > > > > > And what about a user attaching a debugger to a running ftpd... If it's running as root, they have to be root already. If it's changed its UID, as has already been pointed out, you _can't_ attach to it for just this reason. > -Guido > -- ]] Mike Smith, Software Engineer msmith@atrad.adelaide.edu.au [[ ]] Genesis Software genesis@atrad.adelaide.edu.au [[ ]] High-speed data acquisition and (GSM mobile) [[ ]] realtime instrument control (ph/fax) +61-8-8267-3493 [[ ]] Collector of old Unix hardware. "Where are your PEZ?" The Tick [[