From owner-freebsd-hackers Mon Jul 26 5:27:35 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from mail.palmerharvey.co.uk (mail.palmerharvey.co.uk [62.172.109.58]) by hub.freebsd.org (Postfix) with ESMTP id 3167E1532A; Mon, 26 Jul 1999 05:27:18 -0700 (PDT) (envelope-from Dom.Mitchell@palmerharvey.co.uk) Received: from ho-nt-01.pandhm.co.uk (unverified) by mail.palmerharvey.co.uk (Content Technologies SMTPRS 2.0.15) with ESMTP id ; Mon, 26 Jul 1999 13:21:41 +0100 Received: from voodoo.pandhm.co.uk (VOODOO [10.100.35.12]) by ho-nt-01.pandhm.co.uk with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2448.0) id PJ2VDVTR; Mon, 26 Jul 1999 13:21:40 +0100 Received: from dom by voodoo.pandhm.co.uk with local (Exim 2.10 #1) id 118jl7-000KPL-00; Mon, 26 Jul 1999 13:21:33 +0100 Date: Mon, 26 Jul 1999 13:21:33 +0100 To: jkoshy@FreeBSD.org Cc: chris@calldei.com, hackers@freebsd.org Subject: Re: yet more ways to attack executing binaries (was Re: deny ktrace without read permissions? ) Message-Id: <19990726132132.B78403@voodoo.pandhm.co.uk> References: <19990726054037.D79022@holly.dyndns.org> <199907261116.EAA43920@freefall.freebsd.org> MIME-Version: 1.0 X-Mailer: Mutt 0.95.6i In-Reply-To: <199907261116.EAA43920@freefall.freebsd.org>; from jkoshy@FreeBSD.org on Mon, Jul 26, 1999 at 04:16:28AM -0700 From: Dominic Mitchell Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, Jul 26, 1999 at 04:16:28AM -0700, jkoshy@FreeBSD.org wrote: > LD_LIBRARY_PATH, LD_PRELOAD and LD_DEBUG are ignored for setuid executables > in FreeBSD. But the point being made is that they are not ignored for executables which have no read access. And from there, read access can be gained, because at that point, you have code running in the process's address space. -- Dom Mitchell -- Palmer & Harvey McLane -- Unix Systems Administrator In Mountain View did Larry Wall Sedately launch a quiet plea: That DOS, the ancient system, shall On boxes pleasureless to all Run Perl though lack they C. -- ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. ********************************************************************** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message