Re: [Exim] Security problem - invoking setuid process with f…

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: Rick Byers
CC: exim-users
Subject: Re: [Exim] Security problem - invoking setuid process with fd 0,1,2 closed
On Fri, 7 Jun 2002, Rick Byers wrote:

> Invoking a setuid/setgid process with fd 0, 1 or 2 closed is apparently a
> security risk (libc treats fds 0,1,2 specially and if the program
> opens a new file it may get assigned any unused fd). I don't know the
> full details of the problem, but several OSes (Net/Free/OpenBSD) now log a
> warning if a setuid program is invoked with its fd 0,1 or 2 closed.


Thanks for the report, but this was already reported a couple of weeks
ago. I have made changes for the next release of Exim (which will be
4.05).

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.