[8784] in bugtraq

home help back first fref pref prev next nref lref last post

Re: Why you should avoid world-writable directories

daemon@ATHENA.MIT.EDU (Alan Cox)
Wed Dec 23 03:16:21 1998

Date: 	Tue, 22 Dec 1998 13:22:35 +0000
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <19981222002021.16541.qmail@cr.yp.to> from "D. J. Bernstein" at
              Dec 22, 98 00:20:21 am

> world-writable directories. The security community would love to see
> another portable IPC mechanism offering guaranteed user identification.
> (I suggest that kernels add a getpeeruid() system call, showing the real
> uid that called connect(), for UNIX-domain sockets and for loopback TCP
> sockets.) However, while we're waiting, we need a few setuid programs.

getpeeruid() has a problem since multiple processes may write to one
datagram socket, also processes can change uid and file handles can be
passed around.

Both recent *BSD and Linux 2.1.x have per message authentication data
for AF_UNIX sockets that is available as a control message (ie you can
get it via recvmsg()).

Alan

home help back first fref pref prev next nref lref last post