From owner-freebsd-security@FreeBSD.ORG Sun Oct 7 16:23:28 2007 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3C13116A419 for ; Sun, 7 Oct 2007 16:23:28 +0000 (UTC) (envelope-from SRS0=zt7abC=PB=vvelox.net=v.velox@yourhostingaccount.com) Received: from mailout03.yourhostingaccount.com (mailout03.yourhostingaccount.com [65.254.253.24]) by mx1.freebsd.org (Postfix) with ESMTP id 0C0FD13C494 for ; Sun, 7 Oct 2007 16:23:27 +0000 (UTC) (envelope-from SRS0=zt7abC=PB=vvelox.net=v.velox@yourhostingaccount.com) Received: from mailscan20.yourhostingaccount.com ([10.1.15.20] helo=mailscan20.yourhostingaccount.com) by mailout03.yourhostingaccount.com with esmtp (Exim) id 1IeYR2-0006mH-WE for freebsd-security@freebsd.org; Sun, 07 Oct 2007 11:52:53 -0400 Received: from impout03.yourhostingaccount.com ([10.1.55.3] helo=impout03.yourhostingaccount.com) by mailscan20.yourhostingaccount.com with esmtp (Exim) id 1IeYR2-000734-Il for freebsd-security@freebsd.org; Sun, 07 Oct 2007 11:52:52 -0400 Received: from authsmtp08.yourhostingaccount.com ([10.1.18.8]) by impout03.yourhostingaccount.com with NO UCE id xTss1X0020ASqTN0000000; Sun, 07 Oct 2007 11:52:52 -0400 X-EN-OrigOutIP: 10.1.18.8 X-EN-IMPSID: xTss1X0020ASqTN0000000 Received: from c-98-206-161-17.hsd1.il.comcast.net ([98.206.161.17] helo=vixen42) by authsmtp08.yourhostingaccount.com with esmtpa (Exim) id 1IeYR2-0007D8-AR for freebsd-security@freebsd.org; Sun, 07 Oct 2007 11:52:52 -0400 Date: Sun, 7 Oct 2007 10:52:58 -0500 From: "Zane C.B." To: freebsd-security@freebsd.org Message-ID: <20071007105258.2d4c2e37@vixen42> X-Mailer: Claws Mail 3.0.1 (GTK+ 2.10.14; i386-portbld-freebsd6.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-EN-UserInfo: 0d1ca1697cdb7a831d4877828571b7ab:1570f0de6936c69fef9e164fffc541bc X-EN-AuthUser: vvelox2 Sender: "Zane C.B." X-EN-OrigIP: 98.206.161.17 X-EN-OrigHost: c-98-206-161-17.hsd1.il.comcast.net Subject: issetugid() for other procs X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Oct 2007 16:23:28 -0000 Any way to check if another proc has run or been run by a proc that is setuid or seteuid? From owner-freebsd-security@FreeBSD.ORG Sun Oct 7 16:39:02 2007 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 69B3216A417 for ; Sun, 7 Oct 2007 16:39:02 +0000 (UTC) (envelope-from jan.muenther@nruns.com) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.188]) by mx1.freebsd.org (Postfix) with ESMTP id DCDFD13C4AC for ; Sun, 7 Oct 2007 16:39:01 +0000 (UTC) (envelope-from jan.muenther@nruns.com) Received: from [212.202.198.95] (helo=[127.0.0.1]) by mrelayeu.kundenserver.de (node=mrelayeu2) with ESMTP (Nemesis) id 0MKwtQ-1IeYx64BaO-00071k; Sun, 07 Oct 2007 18:26:15 +0200 Message-ID: <47090895.9050202@nruns.com> Date: Sun, 07 Oct 2007 18:25:57 +0200 From: =?ISO-8859-1?Q?Jan_M=FCnther?= User-Agent: Thunderbird 2.0.0.6 (Windows/20070728) MIME-Version: 1.0 To: "Zane C.B." References: <20071007105258.2d4c2e37@vixen42> In-Reply-To: <20071007105258.2d4c2e37@vixen42> X-Enigmail-Version: 0.95.3 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Provags-ID: V01U2FsdGVkX18QDD9AvImGTDAXuPJ5HLjT+gwmvY86Jg6+l/e 0T+NTOfji/qSc1SAKfMFOpWqeDdGRhORHYBgOWm11AwMKeeAtu m+5gEutlN7CeilWwo/J0AAQkb/9tqOxcQYFkVXvO9k= Cc: freebsd-security@freebsd.org Subject: Re: issetugid() for other procs X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Oct 2007 16:39:02 -0000 man getuid, man geteuid. Cheers, j. From owner-freebsd-security@FreeBSD.ORG Sun Oct 7 17:28:02 2007 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D88BD16A418 for ; Sun, 7 Oct 2007 17:28:02 +0000 (UTC) (envelope-from SRS0=zt7abC=PB=vvelox.net=v.velox@yourhostingaccount.com) Received: from mailout16.yourhostingaccount.com (mailout16.yourhostingaccount.com [65.254.253.131]) by mx1.freebsd.org (Postfix) with ESMTP id A827A13C465 for ; Sun, 7 Oct 2007 17:28:02 +0000 (UTC) (envelope-from SRS0=zt7abC=PB=vvelox.net=v.velox@yourhostingaccount.com) Received: from mailscan03.yourhostingaccount.com ([10.1.15.3] helo=mailscan03.yourhostingaccount.com) by mailout16.yourhostingaccount.com with esmtp (Exim) id 1IeZv6-0007hb-Ox for freebsd-security@freebsd.org; Sun, 07 Oct 2007 13:28:00 -0400 Received: from impout03.yourhostingaccount.com ([10.1.55.3] helo=impout03.yourhostingaccount.com) by mailscan03.yourhostingaccount.com with esmtp (Exim) id 1IeZv6-0000KM-B9; Sun, 07 Oct 2007 13:28:00 -0400 Received: from authsmtp11.yourhostingaccount.com ([10.1.18.11]) by impout03.yourhostingaccount.com with NO UCE id xVU01X0070EKrUA0000000; Sun, 07 Oct 2007 13:28:00 -0400 X-EN-OrigOutIP: 10.1.18.11 X-EN-IMPSID: xVU01X0070EKrUA0000000 Received: from c-98-206-161-17.hsd1.il.comcast.net ([98.206.161.17] helo=vixen42) by authsmtp11.yourhostingaccount.com with esmtpa (Exim) id 1IeZv6-0000Ir-7i; Sun, 07 Oct 2007 13:28:00 -0400 Date: Sun, 7 Oct 2007 12:28:05 -0500 From: "Zane C.B." To: Jan =?ISO-8859-1?Q?M=FCnther?= Message-ID: <20071007122805.3853bffe@vixen42> In-Reply-To: <47090895.9050202@nruns.com> References: <20071007105258.2d4c2e37@vixen42> <47090895.9050202@nruns.com> X-Mailer: Claws Mail 3.0.1 (GTK+ 2.10.14; i386-portbld-freebsd6.2) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: base64 X-EN-UserInfo: 0d1ca1697cdb7a831d4877828571b7ab:1570f0de6936c69fef9e164fffc541bc X-EN-AuthUser: vvelox2 Sender: "Zane C.B." X-EN-OrigIP: 98.206.161.17 X-EN-OrigHost: c-98-206-161-17.hsd1.il.comcast.net Cc: freebsd-security@freebsd.org Subject: Re: issetugid() for other procs X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Oct 2007 17:28:02 -0000 T24gU3VuLCAwNyBPY3QgMjAwNyAxODoyNTo1NyArMDIwMA0KSmFuIE38bnRoZXIgPGphbi5tdWVu dGhlckBucnVucy5jb20+IHdyb3RlOg0KDQo+IG1hbiBnZXR1aWQsIG1hbiBnZXRldWlkLg0KDQpU aGlzIGRvZXMgd29yayBmb3Igb3RoZXIgcHJvY3MsIG9ubHkgdGhlIG9uZSB0aGF0IGlzIGNhbGxp bmcgaXQuDQoNCkxpa2UgSSBzYWlkIGluaXRpYWxseSBJIGFtIGxvb2tpbmcgdG8gY2hlY2sgaWYg YW5vdGhlciBwcm9jIGhhcyBydW4NCnNldHVpZCwgc2V0ZXVpZCwgb3IgYmVlbiBleGVjdXRlZCBv ciBmb3JrZWQgYnkgb25lIHRoYXQgaGFzLg0KDQo= From owner-freebsd-security@FreeBSD.ORG Sun Oct 7 18:39:14 2007 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8F7C716A419 for ; Sun, 7 Oct 2007 18:39:14 +0000 (UTC) (envelope-from SRS0=zt7abC=PB=vvelox.net=v.velox@yourhostingaccount.com) Received: from mailout05.yourhostingaccount.com (mailout05.yourhostingaccount.com [65.254.253.42]) by mx1.freebsd.org (Postfix) with ESMTP id 46D6713C448 for ; Sun, 7 Oct 2007 18:39:14 +0000 (UTC) (envelope-from SRS0=zt7abC=PB=vvelox.net=v.velox@yourhostingaccount.com) Received: from mailscan08.yourhostingaccount.com ([10.1.15.8] helo=mailscan08.yourhostingaccount.com) by mailout05.yourhostingaccount.com with esmtp (Exim) id 1Ieb21-0000yt-64 for freebsd-security@freebsd.org; Sun, 07 Oct 2007 14:39:13 -0400 Received: from impout02.yourhostingaccount.com ([10.1.55.2] helo=impout02.yourhostingaccount.com) by mailscan08.yourhostingaccount.com with esmtp (Exim) id 1Ieb21-00052f-0W; Sun, 07 Oct 2007 14:39:13 -0400 Received: from authsmtp10.yourhostingaccount.com ([10.1.18.10]) by impout02.yourhostingaccount.com with NO UCE id xWfD1X0010D2B7u0000000; Sun, 07 Oct 2007 14:39:13 -0400 X-EN-OrigOutIP: 10.1.18.10 X-EN-IMPSID: xWfD1X0010D2B7u0000000 Received: from c-98-206-161-17.hsd1.il.comcast.net ([98.206.161.17] helo=vixen42) by authsmtp10.yourhostingaccount.com with esmtpa (Exim) id 1Ieb20-0005TE-Jf; Sun, 07 Oct 2007 14:39:12 -0400 Date: Sun, 7 Oct 2007 13:39:17 -0500 From: "Zane C.B." To: Kostik Belousov Message-ID: <20071007133917.73b5f665@vixen42> In-Reply-To: <20071007180402.GI2180@deviant.kiev.zoral.com.ua> References: <20071007105258.2d4c2e37@vixen42> <47090895.9050202@nruns.com> <20071007122805.3853bffe@vixen42> <20071007180402.GI2180@deviant.kiev.zoral.com.ua> X-Mailer: Claws Mail 3.0.1 (GTK+ 2.10.14; i386-portbld-freebsd6.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-EN-UserInfo: 0d1ca1697cdb7a831d4877828571b7ab:1570f0de6936c69fef9e164fffc541bc X-EN-AuthUser: vvelox2 Sender: "Zane C.B." X-EN-OrigIP: 98.206.161.17 X-EN-OrigHost: c-98-206-161-17.hsd1.il.comcast.net Cc: freebsd-security@freebsd.org, Jan M?nther Subject: Re: issetugid() for other procs X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Oct 2007 18:39:14 -0000 On Sun, 7 Oct 2007 21:04:02 +0300 Kostik Belousov wrote: > On Sun, Oct 07, 2007 at 12:28:05PM -0500, Zane C.B. wrote: > > On Sun, 07 Oct 2007 18:25:57 +0200 > > Jan M?nther wrote: > > > > > man getuid, man geteuid. > > > > This does work for other procs, only the one that is calling it. > > > > Like I said initially I am looking to check if another proc has > > run setuid, seteuid, or been executed or forked by one that has. > > Note that what you trying to do is racy by definition. Why is that? It seems like something that be useful instead of something taboo. My interest in it is I am writing a database connector interested in making it paranoid as possible. > To get the value of issetugid() for some other process, as it > _could_ be returned at some moment in a time, you shall check the > P_SUGID bit of the p_flag from the corresponding struct proc. This > is available by the kvm_getprocs(3) interface in the ki_flag field > of the kinfo_proc structure, see corresponding man page. Awesome, I will begin investigating this. From owner-freebsd-security@FreeBSD.ORG Sun Oct 7 18:53:27 2007 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8F33916A419 for ; Sun, 7 Oct 2007 18:53:27 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from gnome.kiev.sovam.com (gnome.kiev.sovam.com [212.109.32.24]) by mx1.freebsd.org (Postfix) with ESMTP id 3431B13C447 for ; Sun, 7 Oct 2007 18:53:27 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from relay02.kiev.sovam.com ([62.64.120.197]) by gnome.kiev.sovam.com with esmtp (Exim 4.67 (FreeBSD)) (envelope-from ) id 1IebFm-000830-K6 for freebsd-security@freebsd.org; Sun, 07 Oct 2007 21:53:26 +0300 Received: from [212.82.216.226] (helo=deviant.kiev.zoral.com.ua) by relay02.kiev.sovam.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.67) (envelope-from ) id 1IebFk-00089j-QJ for freebsd-security@freebsd.org; Sun, 07 Oct 2007 21:53:25 +0300 Received: from deviant.kiev.zoral.com.ua (kostik@localhost [127.0.0.1]) by deviant.kiev.zoral.com.ua (8.14.1/8.14.1) with ESMTP id l97IrFAr072255; Sun, 7 Oct 2007 21:53:15 +0300 (EEST) (envelope-from kostikbel@gmail.com) Received: (from kostik@localhost) by deviant.kiev.zoral.com.ua (8.14.1/8.14.1/Submit) id l97IrE44072254; Sun, 7 Oct 2007 21:53:14 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: deviant.kiev.zoral.com.ua: kostik set sender to kostikbel@gmail.com using -f Date: Sun, 7 Oct 2007 21:53:14 +0300 From: Kostik Belousov To: "Zane C.B." Message-ID: <20071007185314.GJ2180@deviant.kiev.zoral.com.ua> References: <20071007105258.2d4c2e37@vixen42> <47090895.9050202@nruns.com> <20071007122805.3853bffe@vixen42> <20071007180402.GI2180@deviant.kiev.zoral.com.ua> <20071007133917.73b5f665@vixen42> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="dpynvXbW/eW9Tpc3" Content-Disposition: inline In-Reply-To: <20071007133917.73b5f665@vixen42> User-Agent: Mutt/1.4.2.3i X-Scanner-Signature: bb9f355b5be917825c280d06cf0e20ab X-DrWeb-checked: yes X-SpamTest-Envelope-From: kostikbel@gmail.com X-SpamTest-Group-ID: 00000000 X-SpamTest-Info: Profiles 1563 [Oct 05 2007] X-SpamTest-Info: helo_type=3 X-SpamTest-Info: {received from trusted relay: not dialup} X-SpamTest-Method: none X-SpamTest-Method: Local Lists X-SpamTest-Rate: 0 X-SpamTest-Status: Not detected X-SpamTest-Status-Extended: not_detected X-SpamTest-Version: SMTP-Filter Version 3.0.0 [0255], KAS30/Release Cc: freebsd-security@freebsd.org, Jan M?nther Subject: Re: issetugid() for other procs X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Oct 2007 18:53:27 -0000 --dpynvXbW/eW9Tpc3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Oct 07, 2007 at 01:39:17PM -0500, Zane C.B. wrote: > On Sun, 7 Oct 2007 21:04:02 +0300 > Kostik Belousov wrote: >=20 > > On Sun, Oct 07, 2007 at 12:28:05PM -0500, Zane C.B. wrote: > > > On Sun, 07 Oct 2007 18:25:57 +0200 > > > Jan M?nther wrote: > > >=20 > > > > man getuid, man geteuid. > > >=20 > > > This does work for other procs, only the one that is calling it. > > >=20 > > > Like I said initially I am looking to check if another proc has > > > run setuid, seteuid, or been executed or forked by one that has. > >=20 > > Note that what you trying to do is racy by definition. >=20 > Why is that? It seems like something that be useful instead of > something taboo. My interest in it is I am writing a database > connector interested in making it paranoid as possible. Because you do not control the execution of the other process. As consequence, value you get is outdated even before you start using it. --dpynvXbW/eW9Tpc3 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQFHCSsZC3+MBN1Mb4gRAs5kAJwMvHZ5QuNdQtjz2TqhT+p6OlrUiwCfZVl3 tC67uh6NwzA+fZu559Qo/Fg= =GfVy -----END PGP SIGNATURE----- --dpynvXbW/eW9Tpc3-- From owner-freebsd-security@FreeBSD.ORG Sun Oct 7 20:49:13 2007 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 00D7116A417 for ; Sun, 7 Oct 2007 20:49:13 +0000 (UTC) (envelope-from SRS0=zt7abC=PB=vvelox.net=v.velox@yourhostingaccount.com) Received: from mailout11.yourhostingaccount.com (mailout11.yourhostingaccount.com [65.254.253.88]) by mx1.freebsd.org (Postfix) with ESMTP id AE23013C45D for ; Sun, 7 Oct 2007 20:49:12 +0000 (UTC) (envelope-from SRS0=zt7abC=PB=vvelox.net=v.velox@yourhostingaccount.com) Received: from mailscan15.yourhostingaccount.com ([10.1.15.15] helo=mailscan15.yourhostingaccount.com) by mailout11.yourhostingaccount.com with esmtp (Exim) id 1Ied3n-0001FA-QT for freebsd-security@freebsd.org; Sun, 07 Oct 2007 16:49:11 -0400 Received: from impout03.yourhostingaccount.com ([10.1.55.3] helo=impout03.yourhostingaccount.com) by mailscan15.yourhostingaccount.com with esmtp (Exim) id 1Ied3n-0006MW-Lr; Sun, 07 Oct 2007 16:49:11 -0400 Received: from authsmtp09.yourhostingaccount.com ([10.1.18.9]) by impout03.yourhostingaccount.com with NO UCE id xYpA1X00M0BkWne0000000; Sun, 07 Oct 2007 16:49:10 -0400 X-EN-OrigOutIP: 10.1.18.9 X-EN-IMPSID: xYpA1X00M0BkWne0000000 Received: from c-98-206-161-17.hsd1.il.comcast.net ([98.206.161.17] helo=vixen42) by authsmtp09.yourhostingaccount.com with esmtpa (Exim) id 1Ied3n-0000FE-9v; Sun, 07 Oct 2007 16:49:11 -0400 Date: Sun, 7 Oct 2007 15:49:16 -0500 From: "Zane C.B." To: Kostik Belousov Message-ID: <20071007154916.6c645982@vixen42> In-Reply-To: <20071007185314.GJ2180@deviant.kiev.zoral.com.ua> References: <20071007105258.2d4c2e37@vixen42> <47090895.9050202@nruns.com> <20071007122805.3853bffe@vixen42> <20071007180402.GI2180@deviant.kiev.zoral.com.ua> <20071007133917.73b5f665@vixen42> <20071007185314.GJ2180@deviant.kiev.zoral.com.ua> X-Mailer: Claws Mail 3.0.1 (GTK+ 2.10.14; i386-portbld-freebsd6.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-EN-UserInfo: 0d1ca1697cdb7a831d4877828571b7ab:1570f0de6936c69fef9e164fffc541bc X-EN-AuthUser: vvelox2 Sender: "Zane C.B." X-EN-OrigIP: 98.206.161.17 X-EN-OrigHost: c-98-206-161-17.hsd1.il.comcast.net Cc: freebsd-security@freebsd.org, Jan M?nther Subject: Re: issetugid() for other procs X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Oct 2007 20:49:13 -0000 On Sun, 7 Oct 2007 21:53:14 +0300 Kostik Belousov wrote: > On Sun, Oct 07, 2007 at 01:39:17PM -0500, Zane C.B. wrote: > > On Sun, 7 Oct 2007 21:04:02 +0300 > > Kostik Belousov wrote: > > > > > On Sun, Oct 07, 2007 at 12:28:05PM -0500, Zane C.B. wrote: > > > > On Sun, 07 Oct 2007 18:25:57 +0200 > > > > Jan M?nther wrote: > > > > > > > > > man getuid, man geteuid. > > > > > > > > This does work for other procs, only the one that is calling > > > > it. > > > > > > > > Like I said initially I am looking to check if another proc > > > > has run setuid, seteuid, or been executed or forked by one > > > > that has. > > > > > > Note that what you trying to do is racy by definition. > > > > Why is that? It seems like something that be useful instead of > > something taboo. My interest in it is I am writing a database > > connector interested in making it paranoid as possible. > > Because you do not control the execution of the other process. As > consequence, value you get is outdated even before you start using > it. Yeah, this is another thing I need to look into. I need to look into how to go about figuring out if a program can be trusted or not. Just got thinking that any thing that has been run will have been run by something that ran it setuid. The project I am looking into is creating a database connector daemon and related pam module. When a user logs in their password they used is shoved into the PAM module and then a application can be used for accessing the database. Any thoughts in that area? My large interest in this is in regards to LDAP. From owner-freebsd-security@FreeBSD.ORG Sun Oct 7 20:57:36 2007 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B2B2616A419 for ; Sun, 7 Oct 2007 20:57:36 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from gnome.kiev.sovam.com (gnome.kiev.sovam.com [212.109.32.24]) by mx1.freebsd.org (Postfix) with ESMTP id 5857D13C44B for ; Sun, 7 Oct 2007 20:57:36 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from relay02.kiev.sovam.com ([62.64.120.197]) by gnome.kiev.sovam.com with esmtp (Exim 4.67 (FreeBSD)) (envelope-from ) id 1IeaUB-0001mQ-6b for freebsd-security@freebsd.org; Sun, 07 Oct 2007 21:04:15 +0300 Received: from [212.82.216.226] (helo=deviant.kiev.zoral.com.ua) by relay02.kiev.sovam.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.67) (envelope-from ) id 1IeaUA-000I8y-A0 for freebsd-security@freebsd.org; Sun, 07 Oct 2007 21:04:14 +0300 Received: from deviant.kiev.zoral.com.ua (kostik@localhost [127.0.0.1]) by deviant.kiev.zoral.com.ua (8.14.1/8.14.1) with ESMTP id l97I42xk071213; Sun, 7 Oct 2007 21:04:02 +0300 (EEST) (envelope-from kostikbel@gmail.com) Received: (from kostik@localhost) by deviant.kiev.zoral.com.ua (8.14.1/8.14.1/Submit) id l97I42Gp071212; Sun, 7 Oct 2007 21:04:02 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: deviant.kiev.zoral.com.ua: kostik set sender to kostikbel@gmail.com using -f Date: Sun, 7 Oct 2007 21:04:02 +0300 From: Kostik Belousov To: "Zane C.B." Message-ID: <20071007180402.GI2180@deviant.kiev.zoral.com.ua> References: <20071007105258.2d4c2e37@vixen42> <47090895.9050202@nruns.com> <20071007122805.3853bffe@vixen42> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="wIc/V6YLA2QdyfT4" Content-Disposition: inline In-Reply-To: <20071007122805.3853bffe@vixen42> User-Agent: Mutt/1.4.2.3i X-Scanner-Signature: b22dd54e5e410b0526d530b08df0ebb5 X-DrWeb-checked: yes X-SpamTest-Envelope-From: kostikbel@gmail.com X-SpamTest-Group-ID: 00000000 X-SpamTest-Info: Profiles 1563 [Oct 05 2007] X-SpamTest-Info: helo_type=3 X-SpamTest-Info: {received from trusted relay: not dialup} X-SpamTest-Method: none X-SpamTest-Method: Local Lists X-SpamTest-Rate: 0 X-SpamTest-Status: Not detected X-SpamTest-Status-Extended: not_detected X-SpamTest-Version: SMTP-Filter Version 3.0.0 [0255], KAS30/Release Cc: freebsd-security@freebsd.org, Jan M?nther Subject: Re: issetugid() for other procs X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Oct 2007 20:57:36 -0000 --wIc/V6YLA2QdyfT4 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Oct 07, 2007 at 12:28:05PM -0500, Zane C.B. wrote: > On Sun, 07 Oct 2007 18:25:57 +0200 > Jan M?nther wrote: >=20 > > man getuid, man geteuid. >=20 > This does work for other procs, only the one that is calling it. >=20 > Like I said initially I am looking to check if another proc has run > setuid, seteuid, or been executed or forked by one that has. Note that what you trying to do is racy by definition. To get the value of issetugid() for some other process, as it _could_ be returned at some moment in a time, you shall check the P_SUGID bit of the p_flag from the corresponding struct proc. This is available by the kvm_getprocs(3) interface in the ki_flag field of the kinfo_proc structure, see corresponding man page. --wIc/V6YLA2QdyfT4 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQFHCR+RC3+MBN1Mb4gRAu8yAKDXBQ2KBIDxA7ocXQ4ARCE/mI3E+ACdHKo7 Wz6mPiqcvH1dgd1tRg2WNKw= =9a+s -----END PGP SIGNATURE----- --wIc/V6YLA2QdyfT4--