Date: Thu, 18 Apr 2002 23:30:02 -0400 From: Garance A Drosihn <drosih@rpi.edu> To: "J. Mallett" <jmallett@FreeBSD.ORG> Cc: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/sys/kern kern_descrip.c kern_exec.c src/sys/sys filedesc.h Message-ID: <p0511170ab8e53dddf964@[128.113.24.47]> In-Reply-To: <20020419032610.GG30498@FreeBSD.ORG> References: <200204190045.g3J0jUY59526@freefall.freebsd.org> <200204190309.g3J39tE69057@khavrinen.lcs.mit.edu> <p05111709b8e53bfd88f7@[128.113.24.47]> <20020419032610.GG30498@FreeBSD.ORG>
next in thread | previous in thread | raw e-mail | index | archive | help
At 3:26 AM +0000 4/19/02, J. Mallett wrote: >On Thu, Apr 18, 2002 at 11:16:45PM -0400, Garance A Drosihn wrote: > > I don't see how it would break anything, although I'm not >> sure why this is something that needs to be done for set[ug]id >> programs and not for others? Is this trying to avoid error >> conditions that would pull the rug out from under such a > > program "at a bad time"? > >If you know the codepath of a program, you can close a number >of file descriptors, and ones specifically for reading or >writing, and without fail cause corruption of a file, dump >information of your choice into a file, or cause information >to be incorrectly read from a file. > >I can give you specific examples of how this could be abused, >but it doesn't really take much imagination. Hmm. Okay, I can see how this helps some. But if we are talking about Evil(tm) programs which are exec-ing a set[ug]id program, then I would think the program could cause just as much evil havoc by assigning those descriptors to files that the program is not expecting them to be assigned to. Like, perhaps, to a file that the program will have no access to. How would that be "less evil" than having the descriptor assigned to nothing at all? [again, I'm just wondering here, I have no objection to the change... Thanks] -- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?p0511170ab8e53dddf964>