Date: Wed, 27 Nov 1996 14:05:03 +0100 (MEZ)
From: "Hr.Ladavac" <lada@ws2301.gud.siemens.co.at>
To: julian@whistle.com (Julian Elischer)
Cc: wpaul@skynet.ctr.columbia.edu, terry@lambert.org, sprice@hiwaay.net, hackers@freebsd.org
Subject: Re: looking for an idea
Message-ID: <199611271305.AA071569903@ws2301.gud.siemens.co.at>
In-Reply-To: <329B547F.167EB0E7@whistle.com> from "Julian Elischer" at Nov 26, 96 12:35:11 pm

E-mail message from Julian Elischer contained:
> Bill Paul wrote:
> >
>
> If YOU (the server) are root....
>
> make a file owned by them mode 400
> require them to open it and send you the file descriptor via AF_UNIX
>
> check it matches..
> if it does, then
> 1/ they are themselves
> or
> 2/ they are root (game over)

Or 3) they made a hard link, opened that, and sent you the file descriptor.
The only protection against that is a partition writable only by root where
these files are to live--almost as bad as procfs.

/Marino
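
The exchange discussed in this message, as an added example that is not part of the original post or of any FreeBSD code: the client passes an open descriptor over an AF_UNIX socket and the server checks it with fstat(). Python is used for brevity; the names send_fd, recv_fd, token_ok and demo, the constructed temporary token file, and the st_nlink test as a response to the hard-link case are all assumptions of this sketch.

```python
import array
import os
import socket
import stat
import tempfile

def send_fd(sock, fd):
    """Client side: pass one open descriptor as SCM_RIGHTS ancillary data."""
    rights = array.array("i", [fd])
    sock.sendmsg([b"\0"], [(socket.SOL_SOCKET, socket.SCM_RIGHTS, rights)])

def recv_fd(sock):
    """Server side: return the descriptor attached to the next message, or None."""
    size = array.array("i").itemsize
    _, ancdata, _, _ = sock.recvmsg(1, socket.CMSG_LEN(size))
    for level, kind, data in ancdata:
        if level == socket.SOL_SOCKET and kind == socket.SCM_RIGHTS and len(data) >= size:
            return array.array("i", data[:size])[0]
    return None

def token_ok(fd, want, uid):
    """fd must be the server's own token inode: owned by uid, mode 0400, one name."""
    st = os.fstat(fd)
    return (stat.S_ISREG(st.st_mode)
            and (st.st_dev, st.st_ino) == (want.st_dev, want.st_ino)
            and st.st_uid == uid
            and stat.S_IMODE(st.st_mode) == 0o400
            and st.st_nlink == 1)  # assumption: refuse a token that has a second name

def demo(extra_link=False):
    """Constructed round trip in one process; extra_link gives the token a second name."""
    with tempfile.TemporaryDirectory() as d:  # stands in for the server's token directory
        path = os.path.join(d, "token")
        open(path, "x").close()
        os.chmod(path, 0o400)
        want = os.stat(path)  # the server remembers which inode it created
        if extra_link:
            os.link(path, os.path.join(d, "alias"))
        server, client = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
        with server, client:
            cfd = os.open(path, os.O_RDONLY)  # what the client is asked to do
            send_fd(client, cfd)
            os.close(cfd)  # the copy in flight keeps the file open
            got = recv_fd(server)
            if got is None:
                return False
            try:
                return token_ok(got, want, os.getuid())
            finally:
                os.close(got)
```

The link count is only a snapshot taken when fstat() runs, so this check complements the root-only directory mentioned in the reply rather than replacing it.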