From owner-freebsd-hackers Tue Feb 18 19:46:53 1997
Return-Path:
Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id TAA28328 for hackers-outgoing; Tue, 18 Feb 1997 19:46:53 -0800 (PST)
Received: from root.com (implode.root.com [198.145.90.17]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id TAA28314 for ; Tue, 18 Feb 1997 19:46:50 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by root.com (8.8.5/8.6.5) with SMTP id TAA09888; Tue, 18 Feb 1997 19:47:50 -0800 (PST)
Message-Id: <199702190347.TAA09888@root.com>
X-Authentication-Warning: implode.root.com: localhost [127.0.0.1] didn't use HELO protocol
To: "Daniel O'Callaghan"
cc: freebsd-hackers@FreeBSD.ORG, gnat@frii.com
Subject: Re: Core dumps in suid processes (again)
In-reply-to: Your message of "Wed, 19 Feb 1997 14:05:00 +1100."
From: David Greenman
Reply-To: dg@root.com
Date: Tue, 18 Feb 1997 19:47:50 -0800
Sender: owner-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

>This was on BUGTRAQ. Given that from recent discussions FreeBSD only knows
>its current e/r uids, rather than that it has been suid, I'm not sure of
>the correct answer to the question below.
>
>Can someone please fill in the blanks.
>
>Danny
>
>---------- Forwarded message ----------
>Date: Tue, 18 Feb 1997 19:31:08 -0700 (MST)
>From: gnat@frii.com
>To: Daniel O'Callaghan
>Subject: Re: FreeBSD,rlogin and coredumps.
>
>gnat@frii.com writes:
>
>[ WTTEO: I can read encrypted password file entries after killing my screen
>session on FreeBSD 2.1.5 ]
>
>Daniel O'Callaghan writes:
>> Upgrade to 2.1.6 (preferably, wait a few days for 2.1.7) In OS versions
>> 2.1.6 and greater suid programs will not dump core.
>
>Will that work with screen, where the program is setuid root but runs
>(and is kill -11 able) as me? I guess I mean, does the
>has-been-setuid flag keep its state even when euid==ruid?

   The answer is yes, FreeBSD remembers that it was once setuid. It
intentionally forgets after an exec, however, which clears the address space
so the sensitive data is wiped. It's been proposed that FreeBSD should
remember across the exec if uid != ruid, too, and I think this is probably a
good idea. See PR# 2757.

-DG

David Greenman
Core-team/Principal Architect, The FreeBSD Project