On Tue, Jun 6, 2017 at 11:06 AM, Marko Cupać <marko.cu...@mimar.rs> wrote:
> On Tue, 06 Jun 2017 08:18:15 -0600
> "Theo de Raadt" <dera...@openbsd.org> wrote:
>> Never reuse a user intended for another purpose.
>>
>> Take a glance at the ptrace manual page.

> I have read ptrace manual. But I guess I need to read much MUCH more if
> I want to comprehend it :)

I'm guessing the point here is that ptrace can be used to eavesdrop on
processes of the same user id. So if the proxy user got compromised,
an attacker could not just kill the nc processes, but also read the
data they are forwarding.

Reply via email to