Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

What is process attribute inheritance? Or why should I not write SUID/SGID programs?

Inheritance process Programs sgid suid write
0
Posted

What is process attribute inheritance? Or why should I not write SUID/SGID programs?

0 CommentsAdd a Comment

1 Answer

0

Process attribute inheritance (AFAIK a term I coined), is when a child process inherits attributes from the parent process’ environment. I did see this referred to as “state variables”, but I forgot by who and all searching has led nowhere. The problems with process attribute inheritance were fore shadowed by the ‘ping’ security hole mentioned in question 3.3, as well as the OpenBSD ‘chpass’ hole mentioned in that section. A child process is an exact copy of its parent except for the process ID and the parent process ID. These change for obvious reasons. However, all other attributes are the copied with the exception of file descriptors. File descriptors, however, are shared. (For a more exhaustive explanation see Stevens 1992). A process is executed after a call to execve() or one of the other routines in its family. This system call filters out many of the process attributes, but lets some through. This is considered a UNIX “feature” and is relied upon by daemons such as inetd. Keep

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123