From owner-freebsd-security  Fri Jan 11 14:14:37 2002
Delivered-To: freebsd-security@freebsd.org
Received: from hawk.prod.itd.earthlink.net (hawk.mail.pas.earthlink.net [207.217.120.22])
	by hub.freebsd.org (Postfix) with ESMTP id E002E37B433
	for <security@freebsd.org>; Fri, 11 Jan 2002 14:14:23 -0800 (PST)
Received: from dialup-209.247.142.153.dial1.sanjose1.level3.net ([209.247.142.153] helo=blossom.cjclark.org)
	by hawk.prod.itd.earthlink.net with esmtp (Exim 3.33 #1)
	id 16P9wM-0003Rk-00; Fri, 11 Jan 2002 14:14:22 -0800
Received: (from cjc@localhost)
	by blossom.cjclark.org (8.11.6/8.11.3) id g0BMEKe12538;
	Fri, 11 Jan 2002 14:14:20 -0800 (PST)
	(envelope-from cjc)
Date: Fri, 11 Jan 2002 14:14:20 -0800
From: "Crist J . Clark" <cristjc@earthlink.net>
To: Alfred Perlstein <bright@mu.org>
Cc: security@freebsd.org
Subject: Re: netbsd's daemon(3) fixes.
Message-ID: <20020111141420.K11553@blossom.cjclark.org>
Reply-To: cjclark@alum.mit.edu
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
X-URL: http://people.freebsd.org/~cjc/
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Fri, 11 Jan 2002 11:21:44 -0800, Alfred Perlstein wrote:
> I saw some recent fixes in netbsd wrt when daemon is called in
> various daemons, anyone have time to see if this is applicable
> to us?  And whether or not to merge the fixes in?

If we go back to the recent fixes OpenBSD did first, the cvs logs give
reasons like,

  daemon() can close innocent file descriptors, including opened log.
  be more carefull about that and nicer to debugging.
  daemon() thingie was pointed out by markus@ .

So it's not really a security issue that I can see. I'm not sure if I
understand under what conditions a daemon(3) call will close
"innocent" file descriptors.
-- 
"It's always funny until someone gets hurt. Then it's hilarious."

Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message