Dropping unneeded process privileges promotes security but is notoriously error-prone because of confusing set*id system calls with unclear semantics and subtle portability issues. To make things worse, existing recipes to accomplish the task are lacking, related manuals can be misleading, and the associated kernel subsystem might contain bugs. We therefore proclaim the system as untrustworthy when it comes to the subject matter, and we suggest a defensive, easy-to-use solution that addresses all concerns.
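A minimal sketch of the "do not trust the system" stance the abstract describes, added here as an illustration and not taken from the paper: drop IDs in a safe order, then verify the result instead of relying on return codes. The function names `ids_match` and `drop_privileges` and the target ID 65534 are assumptions made for this example.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE   /* exposes setgroups()/setreuid() on glibc */
#endif
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Return 0 if real and effective IDs all equal the targets, -1 otherwise. */
int ids_match(uid_t uid, gid_t gid)
{
    return (getuid() == uid && geteuid() == uid &&
            getgid() == gid && getegid() == gid) ? 0 : -1;
}

/* Permanently switch to uid/gid. Returns 0 only if the drop was verified. */
int drop_privileges(uid_t uid, gid_t gid)
{
    uid_t old_euid = geteuid();
    gid_t old_egid = getegid();

    /* Order matters: supplementary groups and GIDs go first, while the
     * process still has the privilege needed to change them. */
    if (old_euid == 0 && setgroups(1, &gid) != 0) return -1;
    if (setregid(gid, gid) != 0) return -1;
    if (setreuid(uid, uid) != 0) return -1;

    /* A successful return code is not proof: read the IDs back. */
    if (ids_match(uid, gid) != 0) return -1;

    /* Saved IDs cannot be read portably, so probe them: regaining the
     * old effective IDs must fail and must leave the new IDs in place. */
    if (old_euid != uid && (seteuid(old_euid) == 0 || geteuid() != uid)) return -1;
    if (old_egid != gid && (setegid(old_egid) == 0 || getegid() != gid)) return -1;
    return 0;
}

int main(void)
{
    /* 65534 is a constructed target (often "nobody"); adjust per system. */
    if (drop_privileges(65534, 65534) != 0) {
        fprintf(stderr, "privilege drop not verified, aborting\n");
        return 1;
    }
    puts("privileges dropped and verified");
    return 0;
}
```

A caller should treat any nonzero return as fatal and exit rather than continue with whatever identity the process ended up holding.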