Date: Sat, 08 Jul 2000 15:30:13 -0700 From: Mike Smith <msmith@freebsd.org> To: Dag-Erling Smorgrav <des@flood.ping.uio.no> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/crypto/openssh sshd.c Message-ID: <200007082230.PAA01325@mass.osd.bsdi.com> In-Reply-To: Your message of "08 Jul 2000 12:33:51 %2B0200." <xzp66qgud0w.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
> Wes Morgan <morganw@chemicals.tacorp.com> writes: > > I hope that there is no way ever in 1e6 years that someone will be able to > > subvert /proc/curproc and get sshd to execute the program of his choice as > > root when it gets HUP'd. I can't think of any way possible, but there are > > 6 billion people out there besides me. > > Well, for starters, /proc might not be mounted, and an 3v1l h4xx0r > might be able to trick a root-owned process into creating > /proc/curproc/file. At which point about a billion other security holes are also opened. Your argument holds equally well for suggesting that "secure" programs should never read configuration files either. -- ... every activity meets with opposition, everyone who acts has his rivals and unfortunately opponents also. But not because people want to be opponents, rather because the tasks and relationships force people to take different points of view. [Dr. Fritz Todt] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200007082230.PAA01325>