[9047] in bugtraq


Re: Wiping out setuid programs

daemon@ATHENA.MIT.EDU (Niall Smart)
Wed Jan 13 13:35:42 1999

Date: 	Tue, 12 Jan 1999 17:03:22 +0000
Reply-To: Niall Smart <niall@POBOX.COM>
From: Niall Smart <niall@POBOX.COM>
X-To:         Neale Banks <neale@LOWENDALE.COM.AU>
To: BUGTRAQ@NETSPACE.ORG

>
> I thought this one was laid to rest last year in the "Dump a mode
> --x--x--x binary on Linux 2.0.x" thread, wherein Martin Mares summarised:
>
> > Semantics of unreadable files is well-defined at file level (i.e.,
> > it's defined you cannot read() them), but not at any other level. No
> > standard guarantees you that contents of such binaries are not
> > accessible in any other way

For the record, the same caveat applies to the semantics of the
immutable file flag, i.e. files with the immutable and executable file
flags do not lead to immutable processes.  For more see:

        http://www.pobox.com/~niall/adv/seclvl.txt

Regards,

Niall
