Re: MAGIC PIDs (was Re: magic??)

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Rich: "Passwords"
• Previous message: Karl Strickland: "MAGIC PIDs (was Re: magic??)"
• In reply to: Karl Strickland: "MAGIC PIDs (was Re: magic??)"
• Next in thread: Reto Lichtensteiger: "Re: MAGIC PIDs (was Re: magic??)"

>> 
>> the other day, i happened to join a conversation about Unix security with
>> a couple of fellows at a local bookstore.  one of them mentioned the "magic"
>> hole.  i have heard mention of this hole before, but i assumed the hole
>> no longer existed.  apparently, this was a hole in /bin/login.
>

>This is probably associated with the MAGIC PID SUBSYSTEM which has
>been implemented on a number of popular UNIX's.  Basically processes
>that acquire a MAGIC PID have special powers and can do 'magical' things.
>
>If a hole is found in a program (such as /bin/login) which is executing
>in a process with a MAGIC PID, it is said to have a 'magic hole'.
>
>LINUX is generally recognised as having the most complete MAGIC PID
>implementation.  The benefits of MAGIC PIDs was discussed widely on IRC's
>#unix and #root about 12 months ago.  For more info, I guess you could
>try the usenet LINUX or security groups.

gee like what magical things? please more detail..


		-Pete

• Next message: Rich: "Passwords"
• Previous message: Karl Strickland: "MAGIC PIDs (was Re: magic??)"
• In reply to: Karl Strickland: "MAGIC PIDs (was Re: magic??)"
• Next in thread: Reto Lichtensteiger: "Re: MAGIC PIDs (was Re: magic??)"