Hello!

>>> User X puts some garbled information in the cache for his uid, then
>>> starts a setgid program. That setgid program will use the bad data
>>> in the cache which is potentially exploitable.

>> Yes - you're right. I see 2 solutions:
>>
>> 1) The thing that you said - to turn off the caching for set*id programs
>>
>> 2) To separate users in the cache not only by their euid, but by their
>> euid and egid together. In this case, if user X poisons the cache and
>> starts the setgid program, then it will use the different (not poisoned)
>> cache. I don't think that such a partitioning will cause the cache to grow
>> too much.

> I'd be inclined toward the first option. Getting edge cases right for
> suid apps requires lots of thinking so I'd rather just not support the
> feature initially. Performance-critical suid applications probably
> aren't too common anyway.

Ok - I absolutely agree. I'll do it this way.

With best regards,
Michael Bushkov
Rostov State University

Received on Wed Aug 31 2005 - 18:17:13 UTC
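The two mitigations discussed in the thread, modelled as an added example that is not code from the thread or from the caching daemon it discusses. The cache, the `Proc` credential record and the `BACKEND` table are constructed here; the `setugid` check stands in for what a real client would learn from issetugid(2), and the "poison" step models the situation the thread describes, where a client is allowed to store lookup results under its own euid. The simulation shows why an euid-only key lets a setgid program read the poisoned entry, while either keying on (euid, egid) or bypassing the cache for set*id processes sends it to the authoritative backend instead.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Proc:
    """Credentials of a process asking the cache for a lookup (constructed)."""
    uid: int
    euid: int
    gid: int
    egid: int

    @property
    def setugid(self) -> bool:
        # Stand-in for issetugid(2): true when exec changed the effective ids.
        return self.uid != self.euid or self.gid != self.egid


# Constructed authoritative source, playing the role of the real nsswitch backend.
BACKEND = {"root": 0, "alice": 1001}


class LookupCache:
    """Name-to-id cache with a selectable partitioning/bypass policy.

    policy is one of:
      "euid"          key entries by euid only (the original, vulnerable scheme)
      "euid+egid"     option 2 from the thread: key by euid and egid together
      "skip-setugid"  option 1 from the thread: never serve set*id processes
    """

    def __init__(self, policy: str):
        self.policy = policy
        self.store: dict = {}

    def _key(self, proc: Proc, name: str):
        if self.policy == "euid+egid":
            return (proc.euid, proc.egid, name)
        return (proc.euid, name)

    def poison(self, proc: Proc, name: str, value: int) -> None:
        # An unprivileged client stores a bogus result under its own key.
        self.store[self._key(proc, name)] = value

    def lookup(self, proc: Proc, name: str):
        """Return (value, source) where source is "cache" or "backend"."""
        if self.policy == "skip-setugid" and proc.setugid:
            # Option 1: a set*id process never trusts the shared cache.
            return BACKEND[name], "backend"
        key = self._key(proc, name)
        if key in self.store:
            return self.store[key], "cache"
        value = BACKEND[name]
        self.store[key] = value
        return value, "backend"


def simulate(policy: str):
    """Alice poisons 'root' in her partition, then runs a setgid-root program."""
    cache = LookupCache(policy)
    alice = Proc(uid=1001, euid=1001, gid=1001, egid=1001)
    cache.poison(alice, "root", 1001)  # claims 'root' resolves to her own uid
    # setgid-root binary started by alice: euid stays 1001, egid becomes 0.
    setgid_prog = Proc(uid=1001, euid=1001, gid=1001, egid=0)
    return cache.lookup(setgid_prog, "root")


if __name__ == "__main__":
    for policy in ("euid", "euid+egid", "skip-setugid"):
        print(policy, "->", simulate(policy))
```

Under the euid-only key the setgid program shares Alice's partition and gets the poisoned value back from the cache; with either mitigation it resolves `root` from the backend. Partitioning by (euid, egid) is the finer of the two, but, as the thread concludes, bypassing the cache for set*id processes is simpler to get right because it needs no reasoning about which combinations of credentials may legitimately share an entry.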