On Mon, Apr 22, 2002 at 12:18:19PM -0700, Chris Wright wrote:
> * Florian Weimer (Weimer@CERT.Uni-Stuttgart.DE) wrote:
> > http://www.pine.nl/advisories/pine-cert-20020401.html probably affects
> > Linux, too (if a SUID/SGID program is invoked with FD 2 closed, error
> > messages might be written to a file opened by the program ).
>
> AFAIK, the standards clearly specify behaviour wrt. open file descriptors
> and clone-on-exec file descriptors across execve(). However, there
that is close-on-exec. Different semantics.
F_GETFD Read the close-on-exec flag. If the FD_CLOEXEC
bit is 0, the file will remain open across exec,
otherwise it will be closed.
> is nothing specified when it comes to closed file descpriptors across
> execve(), notably FD's 0, 1 and 2 are certainly not required to be open
> across an execve() of a SUID/SGID applictaion. One could argue that
> SUID/SGID apps that trust the file descriptors they inherit across exec()
> are buggy.
>
> Having said that, there are a number of implementations of this type
> of protection for the linux kernel stemming from the Openwall project.
> If you are interested, see:
>
> http://www.openwall.com (CONFIG_SECURE_FD_0_1_2)
> http://lsm.immunix.org (CONFIG_OWLSM_FD)
> http://grsecurity.net (CONFIG_GRKERNSEC_FD)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Tue Apr 23 2002 - 22:00:35 EST