Email List: Xaustin-group-lX
[All Lists]
<prev [Date] next>
Search for messages containing

in message Subject: To: From: (none)
<prev [Thread] next>

Re: nohup with stdout closed (was: Defect in XCU nohup)

To: yyyyyyyyyyyyyy@xxxxxxxxxxxxx
Subject: Re: nohup with stdout closed (was: Defect in XCU nohup)
From: Gunnar Ritter <yyyyyyy@xxxxxxx>
Date: Thu, 14 Jul 2005 13:51:37 +0200
Organization: Privat.
References: <200507132133.WAA13330@xoneweb.opengroup.org><20050714101704.GB6585@squonk.masqnet><20050714113409.GA3966@excession.spiral-arm.org> 
yyy@xxxxxxxxxxxxxxxxxxxxxxxx (James Youngman) wrote:

> It can be worse than this, too.  For example, 'ping' is set-user-id on
> many systems, and by this mechanism it can be persuaded to send
> arbitrary data of an attacker's choice out of its raw socket.  Hence
> the wording of execve() which I quote below.

The correct way to handle this problem is to fix that implementation
of the "ping" program, and to fix it _now_. A program that relies on
a "may" condition in the standard is not a secure one and should not
be run set-used-id anyway, regardless of possible future changes.

        Gunnar
[Search for more with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: nohup with stdout closed (was: Defect in XCU nohup), Gunnar Ritter
Next by Date:  Re: nohup with stdout closed (was: Defect in XCU nohup), James Youngman
Previous by Thread:  Re: nohup with stdout closed (was: Defect in XCU nohup), James Youngman
Next by Thread:  Re: nohup with stdout closed (was: Defect in XCU nohup), James Youngman
Indexes:  [Date] [Thread] [All Lists]