lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <87r6toufpp.wl@betelheise.deep.net>
Date:	Mon, 22 Jan 2007 02:23:30 +0300
From:	Samium Gromoff <_deepfire@...lingofgreen.ru>
To:	David Wagner <daw@...berkeley.edu>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] Undo some of the pseudo-security madness

David Wagner wrote:
> Samium Gromoff  wrote:
> >the core of the problem are the cores which are customarily
> >dumped by lisps during the environment generation (or modification) stage,
> >and then mapped back, every time the environment is invoked.
> >
> >at the current step of evolution, those core files are not relocatable
> >in certain natively compiling lisp systems.
> >
> >in an even smaller subset of them, these cores are placed after
> >the shared libraries and the executable.
> >
> >which obviously breaks when the latter are placed unpredictably.
> >(yes, i know, currently mmap_base() varies over a 1MB range, but who
> >says it will last indefinitely -- probably one day these people
> >from full-disclosure will prevail and it will become, like, 256MB ;-)
> >
> >so, what do you propose?
> 
> The obvious solution is: Don't make them setuid root.
> Then this issue disappears.
> 
> If there is some strong reason why they need to be setuid root, then
> you'll need to explain that reason and your requirements in more detail.
> But, based on your explanation so far, I have serious doubts about
> whether it is a good idea to make such core-dumps setuid root in the
> first place.

not "core-dumps" but "core files", in the lispspeak, but anyway.

the reason is trivial -- if i can write programs enjoying setuid
privileges in C, i want to be able to do the same in Lisp.

the only way to achieve this i see, is to directly setuid root
the lisp system executable itself -- because the lisp code
is read, compiled and executed in the process of the lisp
system executable.

there is such a thing as suid-perl -- for precise same reasons.

regards, Samium Gromoff
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ