Date: Mon, 11 Aug 1997 08:45:00 -0700 From: Sean Eric Fagan <sef@Kithrup.COM> To: ache@nagual.pp.ru, bde@zeta.org.au Cc: current@FreeBSD.ORG, security@FreeBSD.ORG Subject: Re: procfs patch Message-ID: <199708111545.IAA08497@kithrup.com>
next in thread | raw e-mail | index | archive | help
>Just close the procfs file descriptors on exec? I thought about doing that. But I decided it was both too invasive, and too bothersome -- a root process would gets its fd's close, and it probably shouldn't. As I said, what I've got now should provide no more risks than dumping core does. Well, it allows for some greater control -- my truss program is not SUID root, and needs to be able to read process memory. But since the process should be owned by the user, I don't have a problem with it. Sean.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199708111545.IAA08497>