Subject: Re: suid helper to verify own passwd
To: None <tech-security@netbsd.org>
From: Travis H. <travis@subspacefield.org>
List: tech-security
Date: 12/25/2006 22:59:58

On Thu, Dec 21, 2006 at 10:19:00PM -0500, Thor Lancelot Simon wrote:
> You understand that an attacker with your UID can simply read from your
> tty, right, since it's a file you can open?  Or, for that matter, from
> the memory image of your process, using ptrace.  The X11 thing is really
> a red herring.
>
> It sounds like you want a sort of "one open only" attribute for file
> descriptors

Or:
http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/trusted-path.html

-- 
A: No.
Q: Should I include quotations after my reply?
<URL:http://www.subspacefield.org/~travis/> -><-
