Den 01/10/2012 kl. 12.49 skrev Konstantin Belousov <[email protected]>:
> setuid() might also fail for other reasons, e.g. due to custom MAC module. > > In case of ping, does the failure of dropping the suid bit is important ? I believe it is. If 'setuid()' fails then 'uid' becomes 0 and it's possible e.g. to do a "Flood ping". Erik_______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
