From owner-freebsd-security  Fri Jan 11 18: 1:45 2002
Delivered-To: freebsd-security@freebsd.org
Received: from rover.village.org (rover.bsdimp.com [204.144.255.66])
	by hub.freebsd.org (Postfix) with ESMTP id 3D9CB37B41A
	for <security@FreeBSD.ORG>; Fri, 11 Jan 2002 18:01:37 -0800 (PST)
Received: from harmony.village.org (harmony.village.org [10.0.0.6])
	by rover.village.org (8.11.3/8.11.3) with ESMTP id g0C21al95161;
	Fri, 11 Jan 2002 19:01:36 -0700 (MST)
	(envelope-from imp@village.org)
Received: from localhost (warner@rover2.village.org [10.0.0.1])
	by harmony.village.org (8.11.6/8.11.6) with ESMTP id g0C21Xx57310;
	Fri, 11 Jan 2002 19:01:33 -0700 (MST)
	(envelope-from imp@village.org)
Date: Fri, 11 Jan 2002 19:01:20 -0700 (MST)
Message-Id: <20020111.190120.81022760.imp@village.org>
To: cjclark@alum.mit.edu, cristjc@earthlink.net
Cc: bright@mu.org, security@FreeBSD.ORG
Subject: Re: netbsd's daemon(3) fixes.
From: "M. Warner Losh" <imp@village.org>
In-Reply-To: <20020111141420.K11553@blossom.cjclark.org>
References: <20020111141420.K11553@blossom.cjclark.org>
X-Mailer: Mew version 2.1 on Emacs 21.1 / Mule 5.0 (SAKAKI)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

In message: <20020111141420.K11553@blossom.cjclark.org>
            "Crist J . Clark" <cristjc@earthlink.net> writes:
: On Fri, 11 Jan 2002 11:21:44 -0800, Alfred Perlstein wrote:
: > I saw some recent fixes in netbsd wrt when daemon is called in
: > various daemons, anyone have time to see if this is applicable
: > to us?  And whether or not to merge the fixes in?
: 
: If we go back to the recent fixes OpenBSD did first, the cvs logs give
: reasons like,
: 
:   daemon() can close innocent file descriptors, including opened log.
:   be more carefull about that and nicer to debugging.
:   daemon() thingie was pointed out by markus@ .
: 
: So it's not really a security issue that I can see. I'm not sure if I
: understand under what conditions a daemon(3) call will close
: "innocent" file descriptors.

I think we need the change, since innocent file descriptors might be
important.

Warner

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message