[6807] in bugtraq
Re: pingflood.c
daemon@ATHENA.MIT.EDU (Niall Smart)
Tue May 19 16:57:39 1998
Date: Mon, 18 May 1998 21:06:08 +0100
Reply-To: Niall Smart <njs3@DOC.IC.AC.UK>
From: Niall Smart <njs3@DOC.IC.AC.UK>
X-To: Theo de Raadt <deraadt@CVS.OPENBSD.ORG>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Theo de Raadt <deraadt@CVS.OPENBSD.ORG> "Re: pingflood.c" (May
18, 12:46pm)
On May 18, 12:46pm, Theo de Raadt wrote:
} Subject: Re: pingflood.c
> > BTW, how many setuid programs are there that will catch various
> > signals and will behave "not-as-expected" when forked off by a
> > signal-bomber parent process, such as pingflood?
>
> Unlike seemingly everone else in this thread, who are very busy trying
> to patch ping for a problem which it is obvious many other programs in
> the source tree will also encounter, Aggelos has taken the first step
> and used started thinking about the further consequences.
[snip]
> For more information on how I have fixed this problem, due to a
> conversation with David Holland a couple months back about this basic
> problem, see both www.openbsd.org/security.html#23 and
> www.openbsd.org/errata.html#kill
I would have also thought it advisable to prevent a non-priviledged
user from sending a signal to a set[ug]id process which has installed
a handler for that signal.
Niall
