Date: Mon, 4 Aug 1997 12:22:07 -0500 (CDT) From: "Thomas H. Ptacek" <tqbf@enteract.com> To: bde@zeta.org.au (Bruce Evans) Cc: bde@zeta.org.au, tqbf@enteract.com, security@FreeBSD.ORG, sef@Kithrup.COM Subject: Re: Proposed alternate patch for the rfork vulnerability Message-ID: <199708041722.MAA01264@enteract.com> In-Reply-To: <199708041658.CAA02664@godzilla.zeta.org.au> from "Bruce Evans" at Aug 5, 97 02:58:51 am
next in thread | previous in thread | raw e-mail | index | archive | help
> >> I think exec should just fail if it can't honour setuid'ness. For ptrace > >Why? What does this win? > Conformance with the rfork man page: > It doesn't say that exec turns off the sharing. exeve() doesn't "turn off the sharing". Execution of an SUID program in a process that shares a file descriptor table causes the SUID bit not to be honored; this is a semantic with precedent (NOSUID, ptrace). ---------------- Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com] ---------------- "If you're so special, why aren't you dead?"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199708041722.MAA01264>