Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 7 Oct 2007 21:53:14 +0300
From:      Kostik Belousov <kostikbel@gmail.com>
To:        "Zane C.B." <v.velox@vvelox.net>
Cc:        freebsd-security@freebsd.org, Jan M?nther <jan.muenther@nruns.com>
Subject:   Re: issetugid() for other procs
Message-ID:  <20071007185314.GJ2180@deviant.kiev.zoral.com.ua>
In-Reply-To: <20071007133917.73b5f665@vixen42>
References:  <20071007105258.2d4c2e37@vixen42> <47090895.9050202@nruns.com> <20071007122805.3853bffe@vixen42> <20071007180402.GI2180@deviant.kiev.zoral.com.ua> <20071007133917.73b5f665@vixen42>
next in thread | previous in thread | raw e-mail | index | archive | help 

--dpynvXbW/eW9Tpc3
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sun, Oct 07, 2007 at 01:39:17PM -0500, Zane C.B. wrote:
> On Sun, 7 Oct 2007 21:04:02 +0300
> Kostik Belousov <kostikbel@gmail.com> wrote:
>=20
> > On Sun, Oct 07, 2007 at 12:28:05PM -0500, Zane C.B. wrote:
> > > On Sun, 07 Oct 2007 18:25:57 +0200
> > > Jan M?nther <jan.muenther@nruns.com> wrote:
> > >=20
> > > > man getuid, man geteuid.
> > >=20
> > > This does work for other procs, only the one that is calling it.
> > >=20
> > > Like I said initially I am looking to check if another proc has
> > > run setuid, seteuid, or been executed or forked by one that has.
> >=20
> > Note that what you trying to do is racy by definition.
>=20
> Why is that? It seems like something that be useful instead of
> something taboo. My interest in it is I am writing a database
> connector interested in making it paranoid as possible.

Because you do not control the execution of the other process. As
consequence, value you get is outdated even before you start using it.

--dpynvXbW/eW9Tpc3
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4 (FreeBSD)

iD8DBQFHCSsZC3+MBN1Mb4gRAs5kAJwMvHZ5QuNdQtjz2TqhT+p6OlrUiwCfZVl3
tC67uh6NwzA+fZu559Qo/Fg=
=GfVy
-----END PGP SIGNATURE-----

--dpynvXbW/eW9Tpc3--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071007185314.GJ2180>