[26233] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Linux kernel setgid implementation flaw

daemon@ATHENA.MIT.EDU (Wietse Venema)
Fri Jul 19 14:16:38 2002

In-Reply-To: <20020719141554.694f07e1.fozzy@dmpfrance.com> "from FozZy at Jul
 19, 2002 02:15:54 pm"
To: bugtraq@securityfocus.com
Date: Fri, 19 Jul 2002 12:48:49 -0400 (EDT)
Reply-To: bugtraq@securityfocus.com
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII
Message-Id: <20020719164849.222FCBC073@spike.porcupine.org>
From: wietse@porcupine.org (Wietse Venema)

FYI,

The August USENIX Security conference has a good paper that examines
in depth the semantics of UID and GID setting calls for Solaris,
FreeBSD and Linux. The differences are quite remarkable.

	Wietse

Setuid Demystified, by Hao Chen, David Wagner, UC Berkeley; Drew
Dean, SRI International
www.cs.berkeley.edu/~daw/papers/setuid-usenix02.pdf


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[26233] in bugtraq

Re: Linux kernel setgid implementation flaw

daemon@ATHENA.MIT.EDU (Wietse Venema)Fri Jul 19 14:16:38 2002

daemon@ATHENA.MIT.EDU (Wietse Venema)
Fri Jul 19 14:16:38 2002