[PATCH] caching daemon release and nsswitch patches

Michael Bushkov bushman at rsu.ru
Wed Aug 31 20:17:14 GMT 2005


Hello!

>>> User X puts some garbled information in the cache for his uid, then
>>> starts a setgid program. That setgid program will use the bad data
>>> in the cache which is potentially exploitable.
>> Yes - you're right. I see 2 solutions:
>>
>> 1) The thing that you said - to turn off the caching for set*id programs
>>
>> 2) To separate users in the cache not only by their euid, but by their
>> euid and egid together. In this case, if user X poisons the cache and
>> starts the setgid program, then it will use the different (not poisoned)
>> cache. I don't think that such a partitioning will cause the cache to grow
>> too much.
>
> I'd be inclined toward the first option.  Getting edge cases right for
> suid apps requires lots of thinking so I'd rather just not support the
> feature initially.  Performance critical suid applications probably
> aren't too common anyway.

Ok - I'm absolutely agreed. I'll do it this way.

With best regards,
Michael Bushkov
Rostov State University


More information about the freebsd-current mailing list