Bugtraq mailing list archives

Re: pingflood.c


From: njs3 () DOC IC AC UK (Niall Smart)
Date: Mon, 18 May 1998 21:06:08 +0100


On May 18, 12:46pm, Theo de Raadt wrote:
} Subject: Re: pingflood.c
BTW, how many setuid programs are there that will catch various
signals and will behave "not-as-expected" when forked off by a
signal-bomber parent process, such as pingflood?

Unlike seemingly everyone else in this thread, who are very busy trying
to patch ping for a problem which it is obvious many other programs in
the source tree will also encounter, Aggelos has taken the first step
and started thinking about the further consequences.
[snip]
For more information on how I have fixed this problem, due to a
conversation with David Holland a couple months back about this basic
problem, see both www.openbsd.org/security.html#23 and
www.openbsd.org/errata.html#kill

I would have also thought it advisable to prevent a non-privileged
user from sending a signal to a set[ug]id process which has installed
a handler for that signal.

Niall


