[ubuntu-hardened] Removing SUID on binaries that don't need it
Scott James Remnant
scott at ubuntu.com
Thu Nov 29 19:51:34 GMT 2007
On Thu, 2007-11-29 at 14:43 -0500, Phillip Susi wrote:
> Scott James Remnant wrote:
> > On Wed, 2007-11-28 at 21:28 -0500, John Richard Moser wrote:
> >
> >> Theoretically, nobody cares. Here's a good way to start a program:
> >>
> >> int main() {
> >
> > Race condition here.
> >
> >> drop_unneeded_caps();
> >
> > And here.
>
> Huh? Where is the other thread and what are they racing for?
>
The other process owned by the user that ptraced you, and made you skip
the syscalls that dropped your caps.
Scott
--
Scott James Remnant
scott at ubuntu.com
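An added example, not part of the thread: because the exchange turns on whether the capability-dropping calls actually ran, an administrator can audit from outside the process what the kernel reports in /proc/<pid>/status (the TracerPid, CapPrm and CapEff fields). The status text below is constructed, and the function name, flag names and allowed mask (CAP_NET_BIND_SERVICE, bit 10) are assumptions for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum { F_TRACED = 1, F_EXTRA_CAPS = 2, F_UNPARSED = 4 };

/* Constructed samples in /proc/<pid>/status format (not captured output). */
static const char SAMPLE_DROPPED[] =
    "Name:\tdaemon\nTracerPid:\t0\nCapInh:\t0000000000000000\n"
    "CapPrm:\t0000000000000400\nCapEff:\t0000000000000400\n";
static const char SAMPLE_NOT_DROPPED[] =
    "Name:\tdaemon\nTracerPid:\t4242\nCapInh:\t0000000000000000\n"
    "CapPrm:\t000001ffffffffff\nCapEff:\t000001ffffffffff\n";

/* Audit status text: 'allowed' is the capability mask the program should
 * hold after its drop (hypothetical policy supplied by the caller).
 * Returns 0 when clean, otherwise a bitwise OR of the F_* findings. */
static int audit_status(const char *text, uint64_t allowed)
{
    long tracer = -1;
    uint64_t prm = 0, eff = 0;
    int seen = 0;

    for (const char *line = text; line && *line; ) {
        if (!strncmp(line, "TracerPid:", 10)) { tracer = strtol(line + 10, NULL, 10); seen |= 1; }
        else if (!strncmp(line, "CapPrm:", 7)) { prm = strtoull(line + 7, NULL, 16); seen |= 2; }
        else if (!strncmp(line, "CapEff:", 7)) { eff = strtoull(line + 7, NULL, 16); seen |= 4; }
        line = strchr(line, '\n');          /* advance to the next line start */
        if (line) line++;
    }
    if (seen != 7) return F_UNPARSED;       /* a required field was missing */
    int findings = 0;
    if (tracer != 0) findings |= F_TRACED;  /* a tracer is attached */
    if ((prm | eff) & ~allowed) findings |= F_EXTRA_CAPS;  /* drop did not take effect */
    return findings;
}

int main(void)
{
    uint64_t allowed = 1ULL << 10;   /* CAP_NET_BIND_SERVICE, assumed policy */
    printf("dropped:     findings=%d\n", audit_status(SAMPLE_DROPPED, allowed));
    printf("not dropped: findings=%d\n", audit_status(SAMPLE_NOT_DROPPED, allowed));
    return 0;
}
```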