Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <54256634.1040405@debian.org>
Date: Fri, 26 Sep 2014 14:12:20 +0100
From: Simon McVittie <smcv@...ian.org>
To: oss-security@...ts.openwall.com
CC: chet.ramey@...e.edu
Subject: Re: CVE-2014-6271: remote code execution through bash

On 26/09/14 00:43, Chet Ramey wrote:
>> I'm arguing that privilege boundaries should take responsibility for
>> their nature as a privilege boundary, and not pass the buck to the
>> code that they call into.
>
> It doesn't help if some process sets ruid = euid and execs bash,
> but bash doesn't import functions from the environment if
> ruid != euid.

Yes, what I'm saying is that in that situation, we should blame the
"some process", not bash. It is the "some process" that opted to act as
a privilege boundary (by being setuid or whatever), so it should be
responsible for taking extra care when it executes non-trivial code
(e.g. bash) with its elevated privileges.

    S

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.