[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] xscreensaver package caps gets raw socket
From: Alan Coopersmith <alan.coopersmith () oracle ! com>
Date: 2021-04-18 17:29:56
Message-ID: bc3a6689-bbcd-612f-e9f8-e94543cf39fa () oracle ! com
[Download RAW message or body]
On 4/17/21 5:51 PM, Érico Nogueira wrote:
> Using `secure_getenv` in some of these cases would probably work as well as
> checking `getauxval(AT_SECURE)`, especially because it seems (from my quick
> search over at <https://man.bsd.lv>) that both are Linux specific anyway.
Solaris also has secure_getenv since the 11.3.10 release. It uses the
issetugid() call that's been available since Solaris 9 (2002) and which
is also available in FreeBSD & OpenBSD:
https://man.openbsd.org/issetugid.2
https://www.freebsd.org/cgi/man.cgi?query=issetugid&sektion=2
https://docs.oracle.com/cd/E88353_01/html/E37841/issetugid-2.html
Though Nico Williams warns not all implementations work the same way:
https://gist.github.com/nicowilliams/4daf74a3a0c86848d3cbd9d0cdb5e26e
--
-Alan Coopersmith- alan.coopersmith@oracle.com
Oracle Solaris Engineering - https://blogs.oracle.com/alanc
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic