[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: exec server protocol
From: |
Roland McGrath |
Subject: |
Re: exec server protocol |
Date: |
Tue, 20 May 2003 14:04:35 -0400 (EDT) |
You need to clear IPC rights when they can imply the holding of some
resources somewhere. In Mach, you could get a send right that keeps
something alive, exec a setuid root program, and then that send right lives
even if there are no processes anywhere left belonging to the original uid.
You can think of other such scenarios, with varying degrees of badness that
could be made to happen. They may all be DoS.