Date: Wed, 05 Feb 1997 14:30:31 -0800
From: David Greenman <dg@root.com>
To: Karl Denninger <karl@Mcs.Net>
Cc: tqbf@enteract.com, freebsd-security@freebsd.org
Subject: Re: While we're on the subject...
Message-ID: <199702052230.OAA11775@root.com>
In-Reply-To: Your message of "Wed, 05 Feb 1997 16:24:30 CST." <199702052224.QAA16588@Jupiter.Mcs.Net>

>> >If euid != uid, then you're running SUID *NOW*.
>> >If euid = 0, then you're running as root *NOW*.
>> >
>> >Why does it matter what you might have been sometime before? The issue is
>> >what you are running as at the time the call is made, no?
>>
>> Programs that were once privileged might have read sensitive information
>> into memory which could possibly be read out if some hole were exploited.
>>
>> -DG
>>
>> David Greenman
>> Core-team/Principal Architect, The FreeBSD Project
>
>Sure, but you can't fix that without a flag in the process structure.

Right, we have P_SUGID that indicates whenever a process might have been
messing with uid/gid's. It's currently set more often than it needs to be,
but this can/will be fixed. At the moment it's used for several things,
preventing core dumps of processes with the flag set is one of them.

-DG

David Greenman
Core-team/Principal Architect, The FreeBSD Project
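
A small userland model of the distinction drawn in this exchange, added here as an example; it is not FreeBSD kernel code and was not posted in the thread. It contrasts the point-in-time test (euid != uid, or euid = 0) with a sticky flag for a process that was privileged and then dropped back to its real uid. Only the name P_SUGID and its use to refuse core dumps come from the message; the struct, the function names and the flag's numeric value are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

#define P_SUGID 0x1u            /* constructed value for this model only */

struct proc_model {             /* hypothetical stand-in for a process entry */
    unsigned uid;               /* real uid */
    unsigned euid;              /* effective uid */
    unsigned flags;
};

/* exec of a set-uid image owned by `owner`: credentials change, flag is set */
static void model_exec_setuid(struct proc_model *p, unsigned owner) {
    if (p->euid != owner) { p->euid = owner; p->flags |= P_SUGID; }
}

/* a setuid()-style change by a privileged process: the flag stays set */
static void model_setuid(struct proc_model *p, unsigned uid) {
    p->uid = p->euid = uid;
    p->flags |= P_SUGID;
}

/* the test proposed in the quoted question: what are you running as *now*? */
static bool privileged_now(const struct proc_model *p) {
    return p->euid != p->uid || p->euid == 0;
}

/* the sticky test: has this process ever changed its uid/gid? */
static bool coredump_allowed(const struct proc_model *p) {
    return (p->flags & P_SUGID) == 0;
}

/* uid 1001 runs a set-uid-root program, which could read sensitive data
 * into memory while privileged, then drops back to uid 1001.
 * Returns bit 0 = privileged_now, bit 1 = coredump_allowed. */
static int dropped_priv_scenario(void) {
    struct proc_model p = { 1001, 1001, 0 };
    model_exec_setuid(&p, 0);   /* euid 0: privileged_now would be true here */
    model_setuid(&p, 1001);     /* privileges dropped, memory contents remain */
    return (privileged_now(&p) ? 1 : 0) | (coredump_allowed(&p) ? 2 : 0);
}

int main(void) {
    int r = dropped_priv_scenario();
    printf("privileged_now=%d coredump_allowed=%d\n", r & 1, (r >> 1) & 1);
    return 0;
}
```

After the drop, the point-in-time test sees an ordinary process, while the flag still blocks the core dump that could expose whatever was read while privileged.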