Re: Proposed change to setre[ug]id()

H. Peter Anvin (hpa@freya.yggdrasil.com)
19 Jun 1996 01:08:19 GMT


Followup to: <199606190223.EAA26021@hera.cuci.nl>
By author: srb@cuci.nl (Stephen R. van den Berg)
In newsgroup: linux.dev.kernel
>
> "Theodore Y. Ts'o" <tytso@MIT.EDU> wrote:
> >There are two problems; one is the one you pointed out, and the other is
> >programs which drop the setuid bits, thinking they are then secure, and
> >then start doing unsafe things like using gets() and statically-sized
> >buffers on the stack.
>
> Hmmm..., indeed, and then construct a setuid() system call.
> Well, in that light, the current code looks just fine as it is.

I have only one comment: dlopen().

Just because you're in the same process (no exec) doesn't mean the
code comes from the same file.

If we want to emulate HP/UX's setresuid() facility, then let's
implement a setresuid() call [maybe that should be setresfuid()], but
don't break the current setreuid() implementation -- ESPECIALLY not
since it would make secure programs suddenly insecure!

-hpa

-- 
PGP public key available - finger hpa@zytor.com
I don't work for Yggdrasil, but they sponsor the linux.* hierarchy.
"The earth is but one country, and mankind its citizens." -- Bahá'u'lláh
Just Say No to Morden * Save Babylon 5: http://www.babylon5.com/cmp/support/