Bugtraq mailing list archives

Re: OpenBSD Security Advisory: BSD I/O Signals

From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Mon, 15 Sep 1997 20:06:43 +0100

systems, including BSDI, NetBSD, OpenBSD, and FreeBSD, in their most
recent release revisions. Additionally, this problem is known to affect
SGI IRIX, and may affect other operating systems as well.


The recycling the PID version of the bug is present in Linux. We fixed the
other version of it last time this lot came up on security lists (2 ? 3 years
ago).

interface to I/O notification must be modified to check credentials when
the TIOCSPGRP (or equivalent) ioctl() is used to set notificatio PID; the
OpenBSD patch resolves all currently known occurances of this in that


I don't believe the fix is correct in a "not changing behaviour" way. It
does seem right in a security way. Assigning version stamps (eg a timestamp)
to processes on creation time and using that as an authentication key would
be as simple and preserve the existing setup which allows suid programs
to set up signal delivery to another and drop priviledges.

Alan

Current thread:

Re: stealth port scanning Fyodor (Sep 08)
- Re: stealth port scanning Duncan Simpson (Sep 08)
- Re: stealth port scanning Alan Cox (Sep 08)
- Security Bulletins Digest Aleph One (Sep 09)
- AIX bugfiler Aleph One (Sep 09)
- FTP compromise. Aleph One (Sep 09)
- OpenBSD Security Advisory: BSD I/O Signals Thomas H. Ptacek (Sep 14)
  - Re: OpenBSD Security Advisory: BSD I/O Signals Alan Cox (Sep 15)
- Small bug in screen-3.7.1 gershwin (Sep 15)