Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 20 Feb 1997 14:31:06 +0300 (MSK)
From:      Andrew Kosyakov <caseq@magrathea.chance.ru>
To:        imp@village.org (Warner Losh)
Cc:        marcs@znep.com, security@freebsd.org
Subject:   Re: Coredumps and setuids .. interesting..
Message-ID:  <199702201131.OAA14947@magrathea.chance.ru>
In-Reply-To: <E0vxRbs-0006vF-00@rover.village.org> from "Warner Losh" at Feb 19, 97 11:04:00 pm

next in thread | previous in thread | raw e-mail | index | archive | help
Quoting Warner Losh:
> : thing against Warner's suggestion.  It may well be possible to find ways
> : other than core dumps to get access to the memory image through bugs in
> : ftpd. 
> Or via the ptrace api, or via some new feature that someone adds to
> procfs that lets you attach to a process' address space, or any other
> number of other things which seem like a good idea at the time, but
> introduce more holes.
So, you mean that someone may want to add an ability for an unprivileged process
to attach to the address space of a privileged process? Well, certainly, there
will be such people, but I guess they'll have to break freefall again in order
to implement that :-) (sorry if you consider this joke to be rude).

And I'd like to ask again: is there an official patch for 2.1.* to disable
P_SUGID process to dump core? Many people can't afford to upgrade the whole
OS on their production machines :-(

-- 
Sincerely yours
							/&rew

***
Andrew V. Kosyakov, Chance Publishing House, System Administrator
caseq@chance.ru, 2:5030/31@Fidonet.Org, +7(812)210-8046
PGP key fingerprint: BA A8 48 20 E4 AE 9C 52  C5 5F C3 B8 1E 67 2C BF



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702201131.OAA14947>