Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: pingflood.c
From: njs3 () DOC IC AC UK (Niall Smart)
Date: Mon, 18 May 1998 21:06:08 +0100


On May 18, 12:46pm, Theo de Raadt wrote:
} Subject: Re: pingflood.c
BTW, how many setuid programs are there that will catch various
signals and will behave "not-as-expected" when forked off by a
signal-bomber parent process, such as pingflood?

Unlike seemingly everone else in this thread, who are very busy trying
to patch ping for a problem which it is obvious many other programs in
the source tree will also encounter, Aggelos has taken the first step
and used started thinking about the further consequences.
[snip]
For more information on how I have fixed this problem, due to a
conversation with David Holland a couple months back about this basic
problem, see both www.openbsd.org/security.html#23 and
www.openbsd.org/errata.html#kill

I would have also thought it advisable to prevent a non-priviledged
user from sending a signal to a set[ug]id process which has installed
a handler for that signal.

Niall



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault