Date: Tue, 04 Jul 2000 14:17:44 -0700
From: Mike Smith <msmith@freebsd.org>
To: Robert Watson <rwatson@FreeBSD.ORG>
Cc: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG
Subject: Re: cvs commit: src/crypto/openssh sshd.c
Message-ID: <200007042117.OAA05458@mass.osd.bsdi.com>
In-Reply-To: Your message of "Tue, 04 Jul 2000 12:14:33 EDT." <Pine.NEB.3.96L.1000704121214.99862C-100000@fledge.watson.org>

> I must have missed that commit while catching up from travel. I don't
> like that technique for restarting daemons -- for one thing, it relies on
> /proc being mounted.

Given that /proc is typically mounted, and if it's not, we fall back to the previous behaviour (failure), this seems like a wise optimisation to me.

> I have a continuing strong objection to the presence
> of "file" in /proc in the first place, as I don't feel it substantially
> contributes to useful functionality in /proc.

?? That's nonsense. It provides a useful piece of information (the image file backing a process' text/data) that is not available anywhere else.

> While the switch from vnode
> reference to symlink is an improvement, I'm still not sure any of the
> associated complexity is a good idea. Does anything actually rely on this
> behavior, other than sshd now?

What "associated complexity"? It's already there and implemented and works. This actually strikes me as quite an intelligent use of the available facilities.

> On Tue, 4 Jul 2000, Wes Morgan wrote:
>
> > I hope that there is no way ever in 1e6 years that someone will be able to
> > subvert /proc/curproc and get sshd to execute the program of his choice as
> > root when it gets HUP'd. I can't think of any way possible, but there are
> > 6 billion people out there besides me.

I'd be just as worried about someone subverting ssh's copy of argv[0], TBH.

--
... every activity meets with opposition, everyone who acts has his rivals and unfortunately opponents also. But not because people want to be opponents, rather because the tasks and relationships force people to take different points of view. [Dr. Fritz Todt]