Opinion on checking return value of setuid(getuid())?
Erik Cederstrand
erik at cederstrand.dk
Mon Oct 1 10:58:40 UTC 2012
On 01/10/2012 at 12.49, Konstantin Belousov <kostikbel at gmail.com> wrote:
> setuid() might also fail for other reasons, e.g. due to custom MAC module.
>
> In case of ping, is the failure of dropping the suid bit important?
I believe it is. If 'setuid()' fails then 'uid' becomes 0 and it's possible e.g. to do a "Flood ping".
Erik
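
The check discussed in this thread, as an added example that is not part of the original messages or of FreeBSD's ping source: a set-user-ID program drops to the real uid, treats a setuid() failure as fatal, and verifies that the drop took effect. The names drop_setuid_privileges, setuid_fn and setuid_denied are hypothetical; the stub simulates a refusal such as the MAC module case mentioned above.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical seam so the failure path can be exercised without a MAC policy. */
typedef int (*setuid_fn)(uid_t);

/* Constructed stub: simulates setuid() being refused, e.g. by a MAC module. */
static int setuid_denied(uid_t uid)
{
    (void)uid;
    errno = EPERM;
    return -1;
}

/*
 * Permanently drop set-user-ID privileges to the real uid.
 * Returns 0 only if the drop succeeded and was verified, -1 otherwise.
 */
static int drop_setuid_privileges(setuid_fn do_setuid)
{
    uid_t ruid = getuid();

    if (do_setuid(ruid) != 0) {
        fprintf(stderr, "setuid(%lu): %s\n", (unsigned long)ruid, strerror(errno));
        return -1;
    }
    /* The effective uid must now equal the real uid. */
    if (geteuid() != ruid)
        return -1;
    /* For a non-root caller, regaining root must no longer be possible. */
    if (ruid != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

int main(void)
{
    /* Fail closed: never continue running if the drop did not happen. */
    if (drop_setuid_privileges(setuid) != 0)
        return 1;
    /* ... continue with the unprivileged part of the program ... */
    return 0;
}
```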
More information about the freebsd-security mailing list