Re: cfs-1.4.0beta2 root exploitable bug

From: ther (therapyat_private)
Date: Sat Feb 21 1998 - 09:18:44 PST

    On Sat, 21 Feb 1998, ther wrote:
    
    > process.. for example mmapping /proc/<cfsdpid>/mem to memory and change the
    > code. cfsd seteuid's itself to root again after the file access and
    after a setreuid call the process is marked as undumpable under Linux - so
    the program code can't be modified, as I said (because undumpable
    processes are not inserted in the proc tree) but it still could be killed
    with a signal..
    
    btw: the patch I posted works (it can't be killed by a user anymore), but
    I forgot the #else statement.
    
    --- cfs.h~      Sat Feb 21 18:14:03 1998
    +++ cfs.h       Sat Feb 21 17:53:08 1998
    @@ -200,8 +200,13 @@
     #define become(x) ((x)==NULL?(setuidx(ID_EFFECTIVE |
    ID_REAL,0)||setgidx(ID_EFFECTIVE|ID_REAL,0)) :\
                (setgidx(ID_EFFECTIVE|ID_REAL,rgid(x)) ||
    setuidx(ID_EFFECTIVE|ID_REAL, ruid(x))))
     #else
    +#ifdef linux
    +#define become(x) ((x)==NULL?(seteuid(0)||setegid(0)) :\
    +                  (setfsgid(rgid(x)) || setfsuid(ruid(x))))
    +#else
     #define become(x) ((x)==NULL?(seteuid(0)||setegid(0)) :\
                       (setegid(rgid(x)) || seteuid(ruid(x))))
    +#endif
     #endif
     #define keyof(f) (&((f)->ins->key))
     #define vectof(f) ((f)->vect)
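    Review bot: the `||` chain in the new Linux `become(x)` treats any non-zero return as failure, which matches seteuid()/setegid() (0 on success, -1 on error) but not setfsuid()/setfsgid(), which return the previous filesystem ID and never -1. While the daemon's fsgid/fsuid happen to be 0 that reads as success, but whenever the previous fsgid is non-zero (e.g. two become(user) calls without an intervening become(NULL)) `setfsgid(rgid(x))` returns that value, the `||` short-circuits and `setfsuid(ruid(x))` is never executed, so a caller that checks become()'s result sees a spurious error and one that does not is left at the wrong fsuid. Suggest setting both IDs unconditionally and then verifying with a query call, since the kernel leaves an invalid ID unchanged and returns the current one: `(setfsgid(rgid(x)), setfsuid(ruid(x)), (setfsuid(-1) != ruid(x) || setfsgid(-1) != rgid(x)))`. The `(x)==NULL` branch of this variant should also be made symmetric with `setfsgid(0)`/`setfsuid(0)`: with euid still 0, `seteuid(0)||setegid(0)` only restores the filesystem IDs through the side effect that a successful set*uid call resets fsuid to the new euid, which is easy to misread. Finally, confirm cfs.h includes `<sys/fsuid.h>` inside the `#ifdef linux` block for the prototypes.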
    
    This patch is against
    ftp://ftp.funet.fi/pub/crypt/utilities/file/cfs.1.4.0.beta2.tar.gz
    
    bye,
            therapy
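The Linux variant of become() in the message switches only the filesystem UID/GID, so cfsd's effective UID stays 0 and an unprivileged user can no longer signal it. The following is an added example, not code from the cfs patch or from ther's post: a standalone Linux C program (it assumes glibc's <sys/fsuid.h>) that performs the same switch but with the failure check setfsuid()/setfsgid() need, because those calls return the previous ID rather than 0/-1. The names become_patch_style, become_fs_checked, current_fsuid and current_fsgid are this example's own.

```c
/* Added example: filesystem-ID switching with a real failure check.
 * Linux only; not part of cfs or of the patch in the message above. */
#define _GNU_SOURCE
#include <sys/fsuid.h>
#include <unistd.h>
#include <stdio.h>

/* The kernel rejects (uid_t)-1 as an invalid ID and leaves the fsuid
 * untouched, but still returns the current value, so this is a pure query.
 * The same holds for setfsgid(). */
uid_t current_fsuid(void) { return (uid_t)setfsuid((uid_t)-1); }
gid_t current_fsgid(void) { return (gid_t)setfsgid((gid_t)-1); }

/* Mirrors the non-NULL branch of the patch's Linux become(x).  Because
 * setfsgid()/setfsuid() return the *previous* IDs, a non-zero previous
 * fsgid short-circuits the chain (fsuid is then never changed) and the
 * expression reports "failure" although nothing failed. */
int become_patch_style(uid_t uid, gid_t gid)
{
    return (setfsgid(gid) || setfsuid(uid));
}

/* Hardened variant: set both IDs unconditionally, then verify by querying.
 * Returns 0 when both IDs took effect, -1 otherwise (for example when the
 * calling process is not permitted to assume that ID). */
int become_fs_checked(uid_t uid, gid_t gid)
{
    setfsgid(gid);              /* group first, while the UID still has privilege */
    setfsuid(uid);
    if (current_fsuid() != uid || current_fsgid() != gid)
        return -1;
    return 0;
}

int main(void)
{
    uid_t u = geteuid();
    gid_t g = getegid();

    /* Switching to our own IDs is always permitted; the patch-style check
     * still reports 1 for any non-root user because the previous fsgid/fsuid
     * are non-zero. */
    printf("patch-style become() returns %d for fsuid %u / fsgid %u\n",
           become_patch_style(u, g), (unsigned)u, (unsigned)g);
    printf("checked become() returns %d, fsuid is now %u\n",
           become_fs_checked(u, g), (unsigned)current_fsuid());
    return 0;
}
```

Run as an ordinary user, the first line shows the patch-style expression reporting an error for a switch that succeeded, while the checked variant reports 0 and leaves the filesystem IDs where they were asked to be; attempting an ID the process may not assume is the case where only the checked variant notices.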
    
    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:42:57 PDT