Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watmath!clyde!rutgers!ames!oliveb!pyramid!prls!philabs!micomvax!musocs!mcgill-vision!mouse
From: mouse@mcgill-vision.UUCP
Newsgroups: comp.unix.wizards
Subject: Re: System V job control idea
Message-ID: <757@mcgill-vision.UUCP>
Date: Wed, 6-May-87 02:52:22 EDT
Article-I.D.: mcgill-v.757
Posted: Wed May 6 02:52:22 1987
Date-Received: Thu, 14-May-87 01:32:21 EDT
References: <337@tdi2.UUCP>
Distribution: world
Organization: McGill University, Montreal
Lines: 28

In article <337@tdi2.UUCP>, brandon@tdi2.UUCP (Brandon Allbery) writes:
> Recently it occurred to me that there exists a form of simple job
> control under every version of UNIX since the Seventh Edition (at
> least).  It's called ptrace().

A very interesting notion.  Probably worth at least following up somewhat.

> Aside from the inhibition of setuid (which should be reconsidered for
> this application, maybe; what kind of ``fraud'' is it designed to
> prevent?),

Fraud like you run a setuid program, e.g. /bin/passwd, stop it before it
does anything, patch the text segment to do execl("/bin/csh"), and thus
get yourself a root shell.  The whole point of a setuid program is that
it is trusted to not abuse its privileges.  The ability to scribble on
the text segment, or, for most programs, the data and/or stack segments,
without inhibiting the setuid property, opens up security holes you have
to hang onto the edge to keep from falling through.

Possibly the shell could check for setuid and do the ptrace() trick only
for non-setuid programs.  There are comparatively few setuid programs,
and anyway, it's a lot better than nothing.  (If it works, that is.)

					der Mouse (mouse@mcgill-vision.uucp)