Re: Cobalt RaQ 3 security hole?

["Forrest J. Cavalier III" <mibsoft () EPIX NET>]

The Microsoft FrontPage security model and implementation
of the idea mentioned by E Marshall is discussed at:
    http://officeupdate.microsoft.com/frontpage/wpp/serk/scuni.htm

(And as a bonus for checking just now, they seem to have finally
published the FrontPage client-server RPC API too!)
    http://msdn.microsoft.com/workshop/languages/fp/default.asp

Forrest J. Cavalier III, Mib Software
   Get links to code and the knowledge to use it.
   http://www.rocketaware.com/  Programmer's Webliography


"Edward S. Marshall" <emarshal () LOGIC NET> wrote, in part:
> On Fri, 21 Jul 2000, Peter W wrote:
> > You think having SUID binaries lying around on the filesystem is a better
> > idea? Runnable by --you said it-- 'nobody'?[0] Maybe even run by random
> > other local users?
>
> That particular trust issue is a solvable problem, especially in this
> case.
>
> Imagine a wrapper script for Apache which generates a random cookie and
> writes it to a file readable only by root (and then executes Apache with
> reduced priviledge, perhaps passing in file descriptors for the ports it
> needs while doing so, ala INN's "startinnd").
>
> Then imagine a setuid helper application (say, a modified suexec) whose
> sole purpose in life is to read that cookie file, receive the cookie via
> some form of IPC from Apache, compare the two, and allow execution of one
> application within a specific set of permitted programs if the cookie
> matches.
>
> (No, this isn't a new idea; I believe the RTR Frontpage extensions do
> something like this, if memory serves, although they do it within Apache,
> instead of using a wrapper.)
>
> --
> Edward S. Marshall <emarshal () logic net>           http://www.nyx.net/~emarshal/
> -------------------------------------------------------------------------------
> [                  Felix qui potuit rerum cognoscere causas.                  ]