Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 13 Oct 2020 19:52:28 +0300
From: Alexey Izbyshev <>
Subject: Re: Calling setxid() in a vfork()-child

On 2020-10-12 23:30, Alexey Izbyshev wrote:
> ...However, thinking about it
> more, I see that dropping privileges could open the child to new ways
> of interaction from outside of the app in a window before execve(),
> so, if, say, another unprivileged process can ptrace it at the right
> moment, bad things could happen.
Alexander Monakov pointed out to me that this particular naive attack is 
not possible (unless "/proc/sys/fs/suid_dumpable" is changed or the 
application resets "dumpable" bit via prctl() after setxid()):


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.