Greg KH wrote:
>Um, maybe I'm just too tired to realize it right now, but what security
>does this offer?

This provides a defense against the 'stderr' attacks on setuid attacks
described a year or two back in the usual places. In particular, consider
a /bin/passwd program that does something like the following:

	fd = open("/etc/passwd", O_RDWR);
	if (fd < 0) {
		perror("open");
		exit(1);
	}

Guess what? If you run this program with stderr closed, it hoses your
password file. The potential for mischief should be obvious.

Of course, I didn't understand why this patch demonstrated a need for
passing fds to the read() hook, either, so I'm in the dark with you on
that one.

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
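
The closed-stderr problem described in the message above, seen from the defending program's side, as an added example that is not part of the original message or of the patch under discussion: a startup check that fills any closed descriptor 0-2 with /dev/null, so that a later open() can never be handed the descriptor perror() writes to. The names ensure_std_fds and fd_of_first_open are hypothetical, and /dev/null stands in for the password file.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: make sure descriptors 0, 1 and 2 are open before the
 * program opens anything else. Closed ones get /dev/null. 0 on success. */
int ensure_std_fds(void)
{
    for (int fd = 0; fd <= 2; fd++) {
        struct stat st;
        if (fstat(fd, &st) == 0)
            continue;                       /* descriptor is already open */
        int nfd = open("/dev/null", O_RDWR);
        if (nfd != fd) {                    /* open() failed or landed elsewhere */
            if (nfd >= 0) close(nfd);
            return -1;
        }
    }
    return 0;
}

/* Constructed demo: a child starts with stderr closed, as in the message,
 * then opens a file. Returns the descriptor number that open() was given. */
int fd_of_first_open(int harden)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        close(2);                           /* state inherited from the caller */
        if (harden && ensure_std_fds() != 0)
            _exit(255);
        int fd = open("/dev/null", O_RDWR); /* stands in for /etc/passwd */
        _exit(fd < 0 ? 255 : fd);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    printf("stderr closed, no check:   open() got fd %d\n", fd_of_first_open(0));
    printf("stderr closed, with check: open() got fd %d\n", fd_of_first_open(1));
    return 0;
}
```

Without the check the file lands in the 0-2 range, so any later write to stderr goes into it; with the check it is always descriptor 3 or higher.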
This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 19:53:28 PDT