Date:      Tue, 18 Feb 1997 19:47:50 -0800
From:      David Greenman <dg@root.com>
To:        "Daniel O'Callaghan" <danny@panda.hilink.com.au>
Cc:        freebsd-hackers@FreeBSD.ORG, gnat@frii.com
Subject:   Re: Core dumps in suid processes (again) 
Message-ID:  <199702190347.TAA09888@root.com>
In-Reply-To: Your message of "Wed, 19 Feb 1997 14:05:00 +1100." <Pine.BSF.3.91.970219135715.8268Y-100000@panda.hilink.com.au>

>This was on BUGTRAQ.  Given that from recent discussions FreeBSD only knows
>its current e/r uids, rather than that it has been suid, I'm not sure of
>the correct answer to the question below.
>
>Can someone please fill in the blanks.
>
>Danny
>
>---------- Forwarded message ----------
>Date: Tue, 18 Feb 1997 19:31:08 -0700 (MST)
>From: gnat@frii.com
>To: Daniel O'Callaghan <danny@panda.hilink.com.au>
>Subject: Re: FreeBSD,rlogin and coredumps.
>
>gnat@frii.com writes:
>
>[ WTTEO: I can read encrypted password file entries after killing my screen 
>session on FreeBSD 2.1.5 ]
>
>Daniel O'Callaghan writes:
>> Upgrade to 2.1.6 (preferably, wait a few days for 2.1.7). In OS versions
>> 2.1.6 and greater suid programs will not dump core.
>
>Will that work with screen, where the program is setuid root but runs
>(and is kill -11 able) as me?  I guess I mean, does the
>has-been-setuid flag keep its state even when euid==ruid?

   The answer is yes, FreeBSD remembers that it was once setuid. It
intentionally forgets after an exec, however, which clears the address
space so the sensitive data is wiped. It's been proposed that FreeBSD
should remember across the exec if uid != ruid, too, and I think this
is probably a good idea. See PR# 2757.

-DG

David Greenman
Core-team/Principal Architect, The FreeBSD Project
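
[Added example, not part of the original message and not FreeBSD kernel code: a simplified user-space model of the "has been setuid" memory described above, covering the screen case from the question and the proposed change for exec. All names are hypothetical, the uids are constructed, and only the flag is modelled, not any other kernel check.]

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical model of one process; not a kernel structure. */
struct proc_model {
    unsigned ruid;    /* real uid */
    unsigned euid;    /* effective uid */
    bool was_setuid;  /* memory that this address space ran with setuid privilege */
};

/* exec replaces the address space, so the memory is forgotten, then set again
 * if the new image is setuid. With `proposal` true, the memory is instead
 * kept across the exec while euid != ruid (the change suggested in the message). */
static void model_exec(struct proc_model *p, bool file_setuid,
                       unsigned file_owner, bool proposal)
{
    bool carried = proposal && p->was_setuid && p->euid != p->ruid;
    p->was_setuid = carried;
    if (file_setuid && file_owner != p->euid) {
        p->euid = file_owner;
        p->was_setuid = true;
    }
}

/* Dropping privileges changes euid only; the memory is untouched. */
static void model_drop_privs(struct proc_model *p) { p->euid = p->ruid; }

/* Core dump decision: refuse while the address space may hold privileged data. */
static bool model_may_dump_core(const struct proc_model *p) { return !p->was_setuid; }

/* Constructed scenario: uid 1001 runs a setuid-root program, optionally drops
 * privileges, then optionally execs a plain (non-setuid) image. */
static bool dump_allowed_after(bool drop, bool exec_plain, bool proposal)
{
    struct proc_model p = { 1001, 1001, false };
    model_exec(&p, true, 0, proposal);
    if (drop) model_drop_privs(&p);
    if (exec_plain) model_exec(&p, false, 0, proposal);
    return model_may_dump_core(&p);
}

int main(void)
{
    printf("dropped, euid==ruid:          dump=%d\n", dump_allowed_after(true, false, false));
    printf("dropped, then exec:           dump=%d\n", dump_allowed_after(true, true, false));
    printf("not dropped, exec (current):  dump=%d\n", dump_allowed_after(false, true, false));
    printf("not dropped, exec (proposal): dump=%d\n", dump_allowed_after(false, true, true));
    return 0;
}
```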


