| delorie.com/archives/browse.cgi | search |
Hi! Wednesday, 18 April, 2001 Corinna Vinschen vinschen AT redhat DOT com wrote: >> now look what /tmp/secret contains. CV> I didn't test it but I assume it contains "Kaboom!". Hmm. I'm somewhat CV> distressed about that result. So the secure way to get a handle to any CV> shared object is by accessing it using names as suggested by Robert. CV> This doesn't apply to parent/child relations, obviously. yes. or via trusted server process running under administrator account. i suppose PSTORES.EXE (MS' "Protected storage service" is used for somthing like this). RC>> The thing egor as talking about was child process's needing to read the RC>> parents open handles, and that programs than setuid are apparently RC>> setting the perms to everyone, all to allow the child process with it's RC>> different uid to read the handles. He was proposing a server model, CV> Wouldn't that problem (which originally was related to ttys) be resolved CV> if the master cares for the duplication? but slave may also care to not allow master to get into its address space or read/write its files. yeah, it's slave, but that doesn't mean it have no natural human (err, i mean process :-) ) rights. Egor. mailto:deo AT logos-m DOT ru ICQ 5165414 FidoNet 2:5020/496.19
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |