[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: exec and EXECSERVERS
From: |
Thomas Bushnell, BSG |
Subject: |
Re: exec and EXECSERVERS |
Date: |
20 Dec 2002 00:44:45 -0800 |
User-agent: |
Gnus/5.09 (Gnus v5.9.0) Emacs/21.2 |
prj@po.cwru.edu (Paul Jarc) writes:
> I agree - the kernel does not set uid=euid. (It preserves the old
> uid, and sets the new euid according to the file's owner.) I was
> saying something different: if there is a program running in a setuid
> situation (i.e., its real uid is different from its effective uid)
> that changes its real uid to match its effective uid (I'm not claiming
> this happens often), and then runs another program, then that other
> program will have no way of knowing that it is in a setuid situation.
This isn't how we deal with setuid security in the Hurd, however.
A setuid exec is not just an exec where ruid != euid; it's
specifically one which *changes* the euid. This case is dectected by
fs_exec, and the filesystem sets the "secure exec" flag.
We don't want to change other execs, because there is no reason to
think there is any kind of security implication for them.
- exec and EXECSERVERS, Alfred M. Szmidt, 2002/12/19
- Re: exec and EXECSERVERS, Thomas Bushnell, BSG, 2002/12/19
- Re: exec and EXECSERVERS, Neal H. Walfield, 2002/12/19
- Re: exec and EXECSERVERS, Alfred M. Szmidt, 2002/12/19
- Re: exec and EXECSERVERS, Thomas Bushnell, BSG, 2002/12/19
- Re: exec and EXECSERVERS, Paul Jarc, 2002/12/19
- Re: exec and EXECSERVERS, Thomas Bushnell, BSG, 2002/12/19
- Re: exec and EXECSERVERS, Paul Jarc, 2002/12/19
- Re: exec and EXECSERVERS,
Thomas Bushnell, BSG <=
- Re: exec and EXECSERVERS, Paul Jarc, 2002/12/20
- Re: exec and EXECSERVERS, Thomas Bushnell, BSG, 2002/12/20
- Re: exec and EXECSERVERS, Roland McGrath, 2002/12/20
- Re: exec and EXECSERVERS, Thomas Bushnell, BSG, 2002/12/20
- Re: exec and EXECSERVERS, Roland McGrath, 2002/12/20
- Re: exec and EXECSERVERS, Thomas Bushnell, BSG, 2002/12/20
- Re: exec and EXECSERVERS, Roland McGrath, 2002/12/20
- Re: exec and EXECSERVERS, Thomas Bushnell, BSG, 2002/12/20
- Re: exec and EXECSERVERS, Roland McGrath, 2002/12/20
- Re: exec and EXECSERVERS, Paul Jarc, 2002/12/20