Re: Wiping out setuid programs

From: Niall Smart (niallat_private)
Date: Tue Jan 12 1999 - 09:03:22 PST


    >
    > I thought this one was laid to rest last year in the "Dump a mode
    > --x--x--x binary on Linux 2.0.x" thread, wherein Martin Mares summarised:
    >
    > > Semantics of unreadable files is well-defined at file level (i.e.,
    > > it's defined you cannot read() them), but not at any other level. No
    > > standard guarantees you that contents of such binaries are not
    > > accessible in any other way
    
    For the record, the same caveat applies to the semantics of the immutable
    file flag, i.e. files with the immutable and executable file flags do not
    lead to immutable processes.  For more see:
    
            http://www.pobox.com/~niall/adv/seclvl.txt
    
    Regards,
    
    
    
    Niall
    


