Subject: re: Addition to force open to open only regular files
To: None <firstname.lastname@example.org>
From: Greg A. Woods <email@example.com>
Date: 11/15/2000 20:18:24
[ On Monday, November 13, 2000 at 21:18:24 (+1100), matthew green wrote: ]
> Subject: re: Addition to force open to open only regular files
> - setr*id() is easy to use safely, and has been used safely in programs
> for N years.
That's not true. Many different mistakes (or rather unfounded
assumptions) in often unrelated subsystems have resulted in
vulnerabilities in the setr*id() mechanisms, particularly when superuser
privileges are involved.
Those mistakes *will* be made again in the future.
> - seteuid() based saved-id's are, from what i've seen, the best way
> to manage these priviledges sanely.
Well, when the superuser is involved even then there are caveats.
Greg A. Woods
+1 416 218-0098 VE3TCP <firstname.lastname@example.org> <robohack!woods>
Planix, Inc. <email@example.com>; Secrets of the Weird <firstname.lastname@example.org>