From owner-cvs-all Tue Jul 4 17: 4:30 2000
Delivered-To: cvs-all@freebsd.org
Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 8E31737B834; Tue, 4 Jul 2000 17:04:22 -0700 (PDT) (envelope-from green@FreeBSD.org)
Date: Tue, 4 Jul 2000 20:04:18 -0400 (EDT)
From: Brian Fundakowski Feldman
X-Sender: green@green.dyndns.org
To: Wes Morgan
Cc: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG
Subject: Re: cvs commit: src/crypto/openssh sshd.c
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Tue, 4 Jul 2000, Wes Morgan wrote:

> I hope that there is no way ever in 1e6 years that someone will be able to
> subvert /proc/curproc and get sshd to execute the program of his choice as
> root when it gets HUP'd. I can't think of any way possible, but there are
> 6 billion people out there besides me.

If someone can unmount /proc, you're screwed. They can do many other, more
dangerous things, too. This is nothing to worry about at all (the
/proc/curproc/sshd exec thing, not being screwed by people gaining root
privileges :)

--
 Brian Fundakowski Feldman           \  FreeBSD: The Power to Serve!  /
 green@FreeBSD.org                    `------------------------------'