Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 18 Apr 2002 23:30:02 -0400
From:      Garance A Drosihn <drosih@rpi.edu>
To:        "J. Mallett" <jmallett@FreeBSD.ORG>
Cc:        cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG
Subject:   Re: cvs commit: src/sys/kern kern_descrip.c kern_exec.c src/sys/sys          filedesc.h
Message-ID:  <p0511170ab8e53dddf964@[128.113.24.47]>
In-Reply-To: <20020419032610.GG30498@FreeBSD.ORG>
References:  <200204190045.g3J0jUY59526@freefall.freebsd.org> <200204190309.g3J39tE69057@khavrinen.lcs.mit.edu> <p05111709b8e53bfd88f7@[128.113.24.47]> <20020419032610.GG30498@FreeBSD.ORG>
next in thread | previous in thread | raw e-mail | index | archive | help 
At 3:26 AM +0000 4/19/02, J. Mallett wrote:
>On Thu, Apr 18, 2002 at 11:16:45PM -0400, Garance A Drosihn wrote:
>  > I don't see how it would break anything, although I'm not
>>  sure why this is something that needs to be done for set[ug]id
>>  programs and not for others?  Is this trying to avoid error
>>  conditions that would pull the rug out from under such a
>  > program "at a bad time"?
>
>If you know the codepath of a program, you can close a number
>of file descriptors, and ones specifically for reading or
>writing, and without fail cause corruption of a file, dump
>information of your choice into a file, or cause information
>to be incorrectly read from a file.
>
>I can give you specific examples of how this could be abused,
>but it doesn't really take much imagination.

Hmm.  Okay, I can see how this helps some.  But if we are
talking about Evil(tm) programs which are exec-ing a
set[ug]id program, then I would think the program could
cause just as much evil havoc by assigning those descriptors
to files that the program is not expecting them to be
assigned to.  Like, perhaps, to a file that the program will
have no access to.  How would that be "less evil" than having
the descriptor assigned to nothing at all?

[again, I'm just wondering here, I have no objection to
the change...  Thanks]

-- 
Garance Alistair Drosehn            =   gad@eclipse.acs.rpi.edu
Senior Systems Programmer           or  gad@freebsd.org
Rensselaer Polytechnic Institute    or  drosih@rpi.edu

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?p0511170ab8e53dddf964>