Date: Wed, 24 Mar 2004 22:52:27 +0100 From: Rafal Skoczylas <nils@secprog.org> To: freebsd-current@freebsd.org Subject: Re: [UFS] Broken suiddir? (+patch) Message-ID: <20040324215226.GA30596@secprog.org> In-Reply-To: <20040324130129.A93167@alpha.siliconlandmark.com> References: <20040323223020.GA2931@secprog.org> <20040324130129.A93167@alpha.siliconlandmark.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Mar 24, 2004 at 01:21:49PM -0500, Andre Guibert de Bruet wrote: > On Tue, 23 Mar 2004, Rafal Skoczylas wrote: > > Additionaly, would someone be so kind to describe the risk caused by using > > SUIDDIR (mentioned in man) in more detail? Is there any "hidden" risk > > except those obvious (like created files that look like if someone else > > created them)? I tried searching google for such information but with > > no luck so far. > Imagine a scenario where a user uploads via SMB a windows executable and > another trojans it. User 1 has no idea that the file has been tampered > with and runs it. You've got yourself a problem. Well, actually this is what I meant saying "obvious risk", i.e. you have no clue who created the file and so on and so forth. What I would like to know is whether there exists any known issue eg. race condition in the kernel (or something like that) i.e. something that poses risk to the system but cannot be thought of because of the nature of the problem (eg. there's some known "buggie" behavior that makes it risky to use). To be honest, I'd love to hear the only known risks are those which I call "obvious" ;) -- Rafal Skoczylas
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040324215226.GA30596>
