[5278] in bugtraq
Re: OpenBSD Security Advisory: BSD I/O Signals
daemon@ATHENA.MIT.EDU (Alan Cox)
Mon Sep 15 16:18:11 1997
Date: Mon, 15 Sep 1997 20:06:43 +0100
Reply-To: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
From: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
X-To: tqbf@enteract.com
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <19970915060619.20006.qmail@smtp.enteract.com> from "Thomas H.
Ptacek" at Sep 15, 97 01:06:19 am
> systems, including BSDI, NetBSD, OpenBSD, and FreeBSD, in their most
> recent release revisions. Additionally, this problem is known to affect
> SGI IRIX, and may affect other operating systems as well.

The "recycling the PID" version of the bug is present in Linux. We fixed the
other version of it last time this lot came up on security lists (2 ? 3 years
ago).

> interface to I/O notification must be modified to check credentials when
> the TIOCSPGRP (or equivalent) ioctl() is used to set notification PID; the
> OpenBSD patch resolves all currently known occurrences of this in that

I don't believe the fix is correct in a "not changing behaviour" way. It
does seem right in a security way. Assigning version stamps (e.g. a timestamp)
to processes on creation time and using that as an authentication key would
be as simple and preserve the existing setup which allows suid programs
to set up signal delivery to another and drop privileges.

Alan
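
The version-stamp idea in the message above, as an added user-space model (not code from the message, the OpenBSD patch, or any kernel): the I/O-signal target is remembered as (PID, creation stamp) and the stamp is rechecked at delivery. All names are hypothetical, and a counter stands in for the creation timestamp.

```c
/* Constructed model: PID reuse versus a per-process creation stamp. */
#include <stdio.h>

#define MAXPROC 8
struct proc { int pid, uid, alive; unsigned long stamp; };
struct sigio_owner { int pid; unsigned long stamp; };

static struct proc table[MAXPROC];
static unsigned long next_stamp = 1;  /* assumption: stands in for a timestamp */

/* Every process creation gets a fresh stamp, even when the PID is reused. */
static struct proc *proc_create(int pid, int uid) {
    struct proc *p = &table[pid % MAXPROC];
    p->pid = pid; p->uid = uid; p->alive = 1; p->stamp = next_stamp++;
    return p;
}
static void proc_exit(int pid) { table[pid % MAXPROC].alive = 0; }

/* Model of the TIOCSPGRP-style registration: record which instance was meant. */
static struct sigio_owner set_owner(const struct proc *target) {
    struct sigio_owner o = { target->pid, target->stamp };
    return o;
}
/* Bare-PID delivery: signals whoever holds the PID now. Returns 1 if sent. */
static int deliver_by_pid(struct sigio_owner o) {
    const struct proc *p = &table[o.pid % MAXPROC];
    return p->alive && p->pid == o.pid;
}
/* Stamp-checked delivery: only the originally registered instance matches. */
static int deliver_checked(struct sigio_owner o) {
    return deliver_by_pid(o) && table[o.pid % MAXPROC].stamp == o.stamp;
}

/* Target exits and its PID is recycled by an unrelated process. */
static int recycled_pid_signalled(int checked) {
    struct sigio_owner o = set_owner(proc_create(5, 1000));
    proc_exit(5);
    proc_create(5, 2000);             /* same PID, new instance, new stamp */
    return checked ? deliver_checked(o) : deliver_by_pid(o);
}
/* Credentials are never consulted, so a privilege drop changes nothing. */
static int survives_privilege_drop(void) {
    struct proc *setter = proc_create(6, 0);
    struct sigio_owner o = set_owner(proc_create(7, 1000));
    setter->uid = 1000;               /* setter drops privileges afterwards */
    return deliver_checked(o);
}
int main(void) {
    printf("recycled: bare=%d checked=%d; after drop=%d\n", recycled_pid_signalled(0),
           recycled_pid_signalled(1), survives_privilege_drop());
    return 0;
}
```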