*BSD News Article 94634


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!news.maxwell.syr.edu!cs.utexas.edu!natinst.com!news-relay.us.dell.com!gater3.sematech.org!news2.amd.com!uuneo.neosoft.com!web.nmti.com!peter
From: peter@nmti.com (Peter da Silva)
Newsgroups: comp.unix.bsd.bsdi.misc,comp.unix.bsd.misc,comp.security.unix
Subject: Re: *BSD* Security WWW/Mailing List?
Date: 28 Apr 1997 16:26:13 GMT
Organization: Network/development platform support, NMTI
Lines: 22
Message-ID: <5k2j35$4mf@web.nmti.com>
References: <3356E1CC.299E@softway.com.au> <slrn5m0dbf.jsb.tqbf@char-star.rdist.org> <5jqtkh$mmo@web.nmti.com> <slrn5m22vo.gfb.tqbf@char-star.rdist.org>
NNTP-Posting-Host: sonic.nmti.com
X-No-Archive: yes
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.bsdi.misc:6778 comp.unix.bsd.misc:3109 comp.security.unix:34107


In article <slrn5m22vo.gfb.tqbf@char-star.rdist.org>,
Thomas H. Ptacek <tqbf@enteract.com> wrote:
> The process flag is inherited.

Hmmm.

That's not so good, especially if you set it in inetd (either by making
it setuid or by having inetd call secureprocess()) because then all
processes started from telnetd will have the flag set, which means that
pretty much everything not started directly from rc will have the flag
set, so the flag will be so diluted to be meaningless.

You'd have to give login the ability to clear it, I think, like login
can set luid.

As it is, it's useful info but I don't think it means you don't have to
look at euid to tell if you're really safe doing magic before main().
-- 
           The Reverend Peter da Silva, ULC, COQO, BOFH, KIBO.

Har du kramat din varg, idag? `-_-'                            Vi er alle Kibo.
                                                            Wir sind alle Kibo.