Re: Opinion on checking return value of setuid(getuid())?

看板FB_security作者時間13年前 (2012/10/01 19:32), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串5/14 (看更多)
--QV9egoCq9O4JbpTr Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Oct 01, 2012 at 12:58:41PM +0200, Erik Cederstrand wrote: > Den 01/10/2012 kl. 12.49 skrev Konstantin Belousov <kostikbel@gmail.com>: >=20 > > setuid() might also fail for other reasons, e.g. due to custom MAC modu= le. > >=20 > > In case of ping, does the failure of dropping the suid bit is important= ? >=20 > I believe it is. If 'setuid()' fails then 'uid' becomes 0 and it's possib= le e.g. to do a "Flood ping". I do not believe in the dreadful 'flood ping' security breach. Is a local escalation possible with non-dropped root ? --QV9egoCq9O4JbpTr Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (FreeBSD) iEYEARECAAYFAlBpeZUACgkQC3+MBN1Mb4hVSQCgu6dNZmRa5xxou9vCCW70YSAd aKkAn1ACh2+aeVhYCWrK+epJyFeOQ/GA =9om6 -----END PGP SIGNATURE----- --QV9egoCq9O4JbpTr--
更多 kostikbel. 的文章
文章代碼(AID): #1GQNyrDd (FB_security)
討論串 (同標題文章)
完整討論串 (本文為第 5 之 14 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共14篇)
更多 kostikbel. 的文章
文章代碼(AID): #1GQNyrDd (FB_security)