[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: drop privileges to nobody is pinging as root



Hi!

On Mon, Mar 06, 2006 at 02:48:27PM -0700, Theo de Raadt wrote:
>[...]

>> Care to elaborate?

>I have been rather clear.  Please read what I wrote, and then think.

>This happens all the time.  Why do people ask again, instead of thinking?

>WHY should any user be able to run a process as uid nobody?  Do you
>really think that uid nobody has no capabilities that the user
>doesn't have?

The suggested patch did this only if the *real* UID was root.
So it doesn't give any user access to user nobody, but only drops
from *real* root to nobody. In fact, the patch was after the
normal privilege dropping sequence, so even if the condition
	if (getuid() == 0)
were omitted, it couldn't change from non-root to nobody.

Kind regards,

Hannah.