Date: Wed, 19 Jul 2000 22:12:07 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: Marcel Moolenaar <marcel@cup.hp.com> Cc: Robert Watson <rwatson@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org, security-officer@FreeBSD.org Subject: Re: cvs commit: src/sys/i386/linux linux_dummy.c linux_misc.c Message-ID: <Pine.BSF.4.21.0007192207520.66253-100000@freefall.freebsd.org> In-Reply-To: <39768878.3D899AC@cup.hp.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 19 Jul 2000, Marcel Moolenaar wrote:
> > If the answer to either of these questions is no, I'd like to see this
> > backed out before the release.
>
> If there's a shift in how we treat Linuxulator security issues, I'd like
> it to be discussed first. If any of the security officers decides after
> looking at the code that the implementation is too dangerous, I'll back
> it out.
It worries me: as I understand it, the current implementation will always
say it suceeds (but in fact does nothing) when someone asks "please change
my f[ug]id" (even someone without privileges, but I don't think that's so
important from a security PoV). So a Linux application running as root has
no way to know that it is STILL writing files out as root, and not the
reduced-privileges user it wanted to.
If this is indeed the case then I'd like it backed out until we can
emulate the behaviour more appropriately.
Kris
--
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <forsythe@alum.mit.edu>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0007192207520.66253-100000>