Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!news.enteract.com!newsfeed.enteract.com!tqbf From: tqbf@char-star.rdist.org (Thomas H. Ptacek) Newsgroups: comp.unix.bsd.bsdi.misc,comp.unix.bsd.misc,comp.security.unix Subject: Re: *BSD* Security WWW/Mailing List? Date: 29 Apr 1997 12:39:50 GMT Organization: EnterAct, L.L.C. Lines: 34 Message-ID: <slrn5mbr0m.lhc.tqbf@char-star.rdist.org> References: <3356E1CC.299E@softway.com.au> <slrn5ll06k.kd3.tqbf@char-star.rdist.org> <5jhur6$51u@innocence.interface-business.de> <slrn5lpvmq.1hm.tqbf@char-star.rdist.org> <5jlr60$f7d@web.nmti.com> <slrn5ltb2l.br4.tqbf@char-star.rdist.org> <5jo5m4$f9v@web.nmti.com> <slrn5m0dbf.jsb.tqbf@char-star.rdist.org> <5jqtkh$mmo@web.nmti.com> <slrn5m22vo.gfb.tqbf@char-star.rdist.org> <5k24qf$mr0@innocence.interface-business.de> <slrn5m9b2n.6le.tqbf@char-star.rdist.org> <DERAADT.97Apr28111834@zeus.pacifier.com> Reply-To: tqbf@enteract.com NNTP-Posting-Host: char-star.rdist.org X-Newsreader: slrn (0.9.1.1 BETA UNIX) Xref: euryale.cc.adfa.oz.au comp.unix.bsd.bsdi.misc:6782 comp.unix.bsd.misc:3114 comp.security.unix:34118 28 Apr 1997 17:18:34 GMT deraadt@theos.com: > Yay! >And they changed the semantics. The calling convention for issetugid() is identical in OpenBSD and FreeBSD; they even use the same system call number. The difference between OpenBSD and FreeBSD is documented explicitly in the source code. FreeBSD and OpenBSD implement the mechanics of the system call identically. Both use a proc structure flag that gets set in execve() if the file being executed is set[ug]id. In both FreeBSD and OpenBSD, this flag is only unset in execve(), when executing non-set[ug]id code. I would, incidentally, like to know why this is (why is the flag ever unset?). The difference is that OpenBSD creates a new process flag explicitly to support issetguid(), and FreeBSD uses P_SUGID. The P_SUGID flag is set not only when executing set[ug]id code, but also any time credentials are changed explicitly. I think this is a good idea. I also think that issetugid() really should be "isprivileged()", and that the more things that set the privilege flags, the better. I am, however, not a full-time kernel developer, and few of us have the same level of experience fixing security problems as the OpenBSD development team, so I'd like to know what you think the issue here is. -- ---------------- Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com] ---------------- exit(main(kfp->kargc, argv, environ));