Date: Thu, 20 Feb 1997 14:31:06 +0300 (MSK) From: Andrew Kosyakov <caseq@magrathea.chance.ru> To: imp@village.org (Warner Losh) Cc: marcs@znep.com, security@freebsd.org Subject: Re: Coredumps and setuids .. interesting.. Message-ID: <199702201131.OAA14947@magrathea.chance.ru> In-Reply-To: <E0vxRbs-0006vF-00@rover.village.org> from "Warner Losh" at Feb 19, 97 11:04:00 pm
next in thread | previous in thread | raw e-mail | index | archive | help
Quoting Warner Losh: > : thing against Warner's suggestion. It may well be possible to find ways > : other than core dumps to get access to the memory image through bugs in > : ftpd. > Or via the ptrace api, or via some new feature that someone adds to > procfs that lets you attach to a process' address space, or any other > number of other things which seem like a good idea at the time, but > introduce more holes. So, you mean that someone may want to add an ability for an unprivileged process to attach to the address space of a privileged process? Well, certainly, there will be such people, but I guess they'll have to break freefall again in order to implement that :-) (sorry if you consider this joke to be rude). And I'd like to ask again: is there an official patch for 2.1.* to disable P_SUGID process to dump core? Many people can't afford to upgrade the whole OS on their production machines :-( -- Sincerely yours /&rew *** Andrew V. Kosyakov, Chance Publishing House, System Administrator caseq@chance.ru, 2:5030/31@Fidonet.Org, +7(812)210-8046 PGP key fingerprint: BA A8 48 20 E4 AE 9C 52 C5 5F C3 B8 1E 67 2C BF
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702201131.OAA14947>