Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds

Albert D. Cahalan (acahalan@cs.uml.edu)
Tue, 4 Aug 1998 23:25:49 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Chad C Giffin: "Re: gcc 2.7.2.3 vs gcc 2.8.1"
Previous message: david parsons: "Re: socket destroy delayed"
In reply to: Brandon S. Allbery KF8NH: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"
Next in thread: Brandon S. Allbery KF8NH: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"

brandon s. allbery writes:
> In message <199808041827.OAA18688@jupiter.cs.uml.edu>, "Albert D. Cahalan"

> | OS/390 does something like that, even for non-setuid processes.
> | (no problems either: OS/390 is UNIX) So gcc could be hacked.
>
> On which planet? OS/390 is a cross of MVS and VM; it has a POSIX
> compatibility layer, but its guts are *not* Unix-like.

"OS/390 Version 1 Release 2 is a a certified UNIX system,
having achieved X/Open's XPG4 UNIX Profile Brand."

That's better than we can say. As for the "guts", who cares?
It could be a microkernel written in FORTRAN and still be unix.

It should be clear now that vulnerability to stack smashing is
not a unix requirement.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html

Next message: Chad C Giffin: "Re: gcc 2.7.2.3 vs gcc 2.8.1"
Previous message: david parsons: "Re: socket destroy delayed"
In reply to: Brandon S. Allbery KF8NH: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"
Next in thread: Brandon S. Allbery KF8NH: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"