Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds

David S. Miller (davem@dm.cobaltmicro.com)
Tue, 4 Aug 1998 11:57:48 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Manuel J. Galan: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"
Previous message: Gerd Knorr: "Re: video4linux, Hauppauge: no sound"
Maybe in reply to: Zachary Amsden: "[PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"
Next in thread: Erik Corry: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"

Date: Tue, 4 Aug 1998 14:27:00 -0400 (EDT)
From: "Albert D. Cahalan" <acahalan@cs.uml.edu>

Do you have a silver bullet? For 30 years, auditing has failed.
You'd think unix wouldn't have any holes in 1998, yet it does.

No I don't.

In a similar vein I am no longer surprised when a new exploit is found
in TCP as a protocol. And when I construct a fix, I don't make one
which breaks the world for some people, or at least I don't expect
such a fix, if it did break things, to make it into a mainstream
release, it'd be a temporary and interim measure, nothing more,
nothing I'd want people to be "happy and content with".

You'd think we'd understand TCP completely in 1998, we don't.

Later,
David S. Miller
davem@dm.cobaltmicro.com

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html

Next message: Manuel J. Galan: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"
Previous message: Gerd Knorr: "Re: video4linux, Hauppauge: no sound"
Maybe in reply to: Zachary Amsden: "[PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"
Next in thread: Erik Corry: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"