Board: FB_security
Title: Re: Opinion on checking return value of setuid(getuid())?
Posted from: NCTU CS FreeBSD Server (Mon Oct 1 20:58:41 2012)
Relayed via: ptt!csnews.cs.nctu!news.cs.nctu!FreeBSD.cs.nctu!freebsd.org!owner-free
On 01/10/2012 at 12.49, Konstantin Belousov <[email protected]> wrote:
> setuid() might also fail for other reasons, e.g. due to custom MAC module.
>
> In case of ping, is the failure of dropping the suid bit important?
I believe it is. If 'setuid()' fails then 'uid' becomes 0 and it's possible e.g. to do a "Flood ping".
Erik
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[email protected]"
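The check this thread discusses, as an added example that is not part of the original message and not code from FreeBSD's ping: a set-uid-root tool drops privileges with `setuid(getuid())`, treats a failing call as fatal, and confirms the drop took effect. The helper name `drop_to_uid` is hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Hypothetical helper (not from ping.c): permanently drop to `target`.
 * Returns 0 on success, -1 if the drop failed or could not be confirmed.
 */
static int drop_to_uid(uid_t target)
{
    /* setuid() can fail (EPERM, resource limits, a MAC policy), so check it. */
    if (setuid(target) != 0) {
        fprintf(stderr, "setuid(%lu): %s\n",
                (unsigned long)target, strerror(errno));
        return -1;
    }
    /* Confirm both the real and effective IDs now match the target. */
    if (getuid() != target || geteuid() != target)
        return -1;
    /* A non-root target must not be able to get root back. */
    if (target != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

int main(void)
{
    /* A set-uid tool would do its privileged setup (e.g. open a raw
     * socket) before this point, then give up root for good. */
    if (drop_to_uid(getuid()) != 0) {
        /* Fail closed: never continue with privileges still held. */
        fprintf(stderr, "cannot drop privileges, exiting\n");
        return EXIT_FAILURE;
    }
    printf("running as uid=%lu euid=%lu\n",
           (unsigned long)getuid(), (unsigned long)geteuid());
    return EXIT_SUCCESS;
}
```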