[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: saved IDs and exec (standard violation?)
From: |
Thomas Bushnell, BSG |
Subject: |
Re: saved IDs and exec (standard violation?) |
Date: |
12 May 2002 01:21:39 -0700 |
User-agent: |
Gnus/5.09 (Gnus v5.9.0) Emacs/21.2 |
Roland McGrath <roland@frob.com> writes:
> The only drawback I see is in the case when svuid!=euid or svgid!=egid, and
> you are executing an sugid file. The user will reauthenticate everything
> for the svuid=euid, svgid=egid change and then the filesystem will
> reauthenticate everything again to do the suid/sgid. So, a sugid program
> that execs another sugid program directly without an intervening exec of a
> non-suid program--a pretty rare event, I would guess.
I'm happy to gunk up setuid execs with however many extra RPCs as long
as normal execs can remain speedy.
> > But there might be a security reason why we have to force the change
> > to be made. But I can't possibly see what that would be.
>
> I don't think any concept of security is sensical for non-sugid execs with
> EXEC_SECURE. The user who made the call will always be able to grab the
> process by its scrawny little task port and diddle its ports out the wazoo.
Exactly my thinking.
- saved IDs and exec (standard violation?), Marcus Brinkmann, 2002/05/10
- Re: saved IDs and exec (standard violation?), Marcus Brinkmann, 2002/05/10
- Re: saved IDs and exec (standard violation?), Roland McGrath, 2002/05/11
- Re: saved IDs and exec (standard violation?), Thomas Bushnell, BSG, 2002/05/11
- Re: saved IDs and exec (standard violation?), Roland McGrath, 2002/05/11
- Re: saved IDs and exec (standard violation?), Thomas Bushnell, BSG, 2002/05/11
- Re: saved IDs and exec (standard violation?), Roland McGrath, 2002/05/11
- Re: saved IDs and exec (standard violation?),
Thomas Bushnell, BSG <=
- Re: saved IDs and exec (standard violation?), Marcus Brinkmann, 2002/05/12
- Re: saved IDs and exec (standard violation?), Marcus Brinkmann, 2002/05/12