Home page logo

bugtraq logo Bugtraq mailing list archives

Re: pingflood.c
From: njs3 () DOC IC AC UK (Niall Smart)
Date: Mon, 18 May 1998 21:06:08 +0100

On May 18, 12:46pm, Theo de Raadt wrote:
} Subject: Re: pingflood.c
BTW, how many setuid programs are there that will catch various
signals and will behave "not-as-expected" when forked off by a
signal-bomber parent process, such as pingflood?

Unlike seemingly everone else in this thread, who are very busy trying
to patch ping for a problem which it is obvious many other programs in
the source tree will also encounter, Aggelos has taken the first step
and used started thinking about the further consequences.
For more information on how I have fixed this problem, due to a
conversation with David Holland a couple months back about this basic
problem, see both www.openbsd.org/security.html#23 and

I would have also thought it advisable to prevent a non-priviledged
user from sending a signal to a set[ug]id process which has installed
a handler for that signal.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]