Re: suenv

To: tech-kern%netbsd.org@localhost
Subject: Re: suenv
From: christos%astron.com@localhost (Christos Zoulas)
Date: Tue, 23 Oct 2012 18:56:06 +0000 (UTC)

In article 
<C75A84166056C94F84D238A44AF9F6AD277C2B%AUSX10MPC103.AMER.DELL.COM@localhost>,
 <Paul_Koning%Dell.com@localhost> wrote:

>But apache is security critical, isn't it?  And it certainly is
>threaded.  Or are you applying the term "security critical" only to a
>smaller set of components?  

Yes, but apache is designed to be threaded. login, su, and other
pam users not necessarily. Typically programs "know" the closure
of shared libraries that they can potentially use, and PAM breaks
that model. The threaded/non-threaded case is a particularly nasty
example, where a program might assume that it can use static storage
and non-threaded interfaces (res_foo() instead of res_nfoo(),
getdbfoo() instead of getdbfoo_r()) and then suddenly it finds
itself in a threaded environment and potential heisen bugs. In the
apache case these may effect only the apache user and whatever
access it has, but login/su and other PAM users cases this leads
to a complete system compromise.

christos

Follow-Ups:
- Re: suenv
  - From: Emmanuel Dreyfus
- Re: suenv
  - From: Paul_Koning

References:
- Re: suenv
  - From: Thor Lancelot Simon
- Re: suenv
  - From: Eric Haszlakiewicz
- Re: suenv
  - From: Mouse
- Re: suenv
  - From: Paul_Koning

Prev by Date: Re: suenv
Next by Date: Re: NetBSD 6.0/amd64 panic: ciss: dead (DL ProLiant 360P)
Previous by Thread: Re: suenv
Next by Thread: Re: suenv
Indexes:

Home | Main Index | Thread Index | Old Index