Vulnerability Development: Re: /dev/urandom

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: /dev/urandom | logger "issue"

From: Alfonso De Gregorio <dira () SPEEDCOM IT>
Date: Thu, 24 Aug 2000 00:04:10 +0200

On Wed, 23 Aug 2000, Larry D'Anna wrote:

Is it possible to get the uid of the process at the other end of a
unix domain socket?  If so then why not have syslogd get the uid and
record who logged each message?


Yes, to find the effective uid that called connect() the daemon can
call getpeereuid().

However getpeereuid() is not portable. In Linux it can be implemented
using getsockopt() and SO_PEERCRED. In NetBSD the LOCAL_CREDS feature
does not returns infos until the caller write some data; this lead to
DoS attacks. And so on.

fhex

By Date By Thread

Current thread:

Re: /dev/urandom | logger "issue", (continued)
- Re: /dev/urandom | logger "issue" Michal Zalewski (Aug 22)
- Re: /dev/urandom | logger "issue" Matt Wilson (Aug 22)
- Re: /dev/urandom | logger "issue" Bill Pennington (Aug 22)
- Re: /dev/urandom | logger "issue" Larry D'Anna (Aug 23)
  - Re: /dev/urandom | logger "issue" Sarel J. Botha (Aug 23)
  - Re: /dev/urandom | logger "issue" Alfonso De Gregorio (Aug 23)
  - Re: /dev/urandom | logger "issue" Matt Wilson (Aug 23)
  - Re: /dev/urandom | logger "issue" H D Moore (Aug 27)
    - Re: /dev/urandom | logger "issue" Sarel J. Botha (Aug 27)
    - Re: /dev/urandom | logger "issue" M ixter (Aug 28)
    - Re: /dev/urandom | logger "issue" Kev (Aug 28)