From owner-freebsd-hackers  Thu Oct 17 22:33:48 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id WAA26220
          for hackers-outgoing; Thu, 17 Oct 1996 22:33:48 -0700 (PDT)
Received: from freefall.freebsd.org (localhost.cdrom.com [127.0.0.1])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id WAA26215;
          Thu, 17 Oct 1996 22:33:47 -0700 (PDT)
Message-Id: <199610180533.WAA26215@freefall.freebsd.org>
To: Karl Denninger <karl@Mcs.Net>
cc: jdp@polstra.com (John Polstra), ache@nagual.ru, guido@gvr.win.tue.nl,
        thorpej@nas.nasa.gov, phk@critter.tfs.com, freebsd-hackers@freebsd.org,
        tech-userlevel@NetBSD.ORG
Subject: Re: cvs commit: src/lib/libc/db/hash hash_buf.c 
In-reply-to: Your message of "Fri, 18 Oct 1996 00:21:38 CDT."
             <199610180521.AAA08257@Jupiter.Mcs.Net> 
Date: Thu, 17 Oct 1996 22:33:46 -0700
From: "Justin T. Gibbs" <gibbs@freefall.freebsd.org>
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>Forcing ANYTHING that touches authentication to refuse to dump core is not
>the answer.  Yet that is the only answer that you leave available.
>
>Worse, that doesn't even BEGIN to address the problmes that come about if
>you can ptrace() the process -- which, for something like this, is a REAL
>problem.
>
>You MUST be able to *know* that all privileged data has been nuked BEFORE
>you relinquish privileged operation.  This isn't an option folks -- its a
>REQUIREMENT for security reasons.
>
>Figure it out.  ftpd is not the only affected program here; just the most
>commonly known and exploited.

Did you miss a portion of this thread?  I think that Jason already
addressed all of these issues.

The program can core dump, the core dump will simply only be readable
by root.

There are already protections enforced to disallow non-priveledged users
from ptracing programs that are setuid/setgid.

>--
>Karl Denninger (karl@MCS.Net)| MCSNet - The Finest Internet Connectivity
>http://www.mcs.net/~karl     | T1 from $600 monthly; speeds to DS-3 available
>			     | 23 Chicagoland Prefixes, 13 ISDN, much more
>Voice: [+1 312 803-MCS1 x219]| Email to "info@mcs.net" WWW: http://www.mcs.net
>/
>Fax:   [+1 312 248-9865]     | Home of Chicago's only FULL Clarinet feed!

--
Justin T. Gibbs
===========================================
  FreeBSD: Turning PCs into workstations
===========================================