Date: Mon, 11 Aug 1997 15:26:28 +0000 (GMT) From: Alfred Perlstein <perlsta@sunyit.edu> To: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.pp.ru> Cc: Sean Eric Fagan <sef@Kithrup.COM>, FreeBSD-current <current@FreeBSD.ORG>, security@FreeBSD.ORG, Bruce Evans <bde@zeta.org.au> Subject: Re: procfs patch Message-ID: <Pine.BSF.3.96.970811152523.11158A-100000@server.local.sunyit.edu> In-Reply-To: <Pine.BSF.3.96.970811224051.5953A-100000@lsd.relcom.eu.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> > Gosh, that's what I had originally, and everyone didn't like *that*. > > (Frankly, neither did I.) > > Now I like Bruce's idea that exec call should fail if procfs memory is > open and setuid program is executed. why not have procfs check the UID of the file everytime an access is made VS the UID of the accessing program and denying access at that point? Alfred
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.970811152523.11158A-100000>