Date: Wed, 7 Jun 2000 15:45:12 +0300
From: Valentin Nechayev <netch@lucky.net>
To: freebsd-security@FreeBSD.ORG
Subject: Re: FreeBSDDEATH.c.txt (mmap dirty page no check bug)
Message-ID: <20000607154512.B82711@lucky.net>
In-Reply-To: <200006070424.e574Od303232@cwsys.cwsent.com>; from Cy.Schubert@uumail.gov.bc.ca on Tue, Jun 06, 2000 at 09:24:34PM -0700
References: <NDBBJDFPGLMLFHLNEEOMCEIGFMAA.usebsd@free.fr> <200006070424.e574Od303232@cwsys.cwsent.com>

Tue, Jun 06, 2000 at 21:24:34, Cy.Schubert wrote about "Re: FreeBSDDEATH.c.txt (mmap dirty page no check bug)":

> From a security standpoint there should be no world writable
> directories whatsoever, even with the sticky bit turned on, however in
> today's environment, given that compatibility with other unices might
> be desirable, this may be unreasonable. At the very least root and
> semi-privileged accounts, e.g. oracle, should absolutely never use a
> directory that other users can write to.

For one big security hole named Unix, it is true. FreeBSD is not an exception.
But it is simple to extend the existing interface, i.e., with O_DONTFOLLOWMID
and O_NOSPECIAL flags in open(), and disable most of such exploits without
risk of a race condition. Of course, a full solution should be more complicated.

> If anyone thinks I've contradicted myself in this note, my intention
> was to open the discussion to a wider range of possibilities than is
> currently being discussed. On one hand we have compatibility with
> other UNIX systems out there and in the other extreme we have a more
> secure solution. Then of course there's the middle ground, wherever
> that may be.

Well, and what is your alternative to /tmp/.X11-unix?

--
NVA