[sudo-workers] Re: closing all the file descriptors

Anthony Iano-Fletcher Anthony.Iano-Fletcher at nih.gov
Fri Jan 14 20:59:10 EST 2005

Hello Todd,

I put together a patch (attached) to implement changing the number of
open file descriptors.  Feel free to modify it.

With this patch you can pass information (e.g. X11 cookies) on the high
file descriptors.


On 10 Dec 2004 at 10:15:02, Todd C. Miller wrote:
> In message <20041210152106.GB14760 at cosy.cit.nih.gov>
> 	so spake Anthony Iano-Fletcher (Anthony.Iano-Fletcher):
> > -O sounds good. Perhaps it should have an argument which is the upper
> > limit of file descriptors to keep open (such as -O 4).  This would
> > limit the side effects but allow for a variable number of extra
> > side-bands.
> Seems reasonable.
> > What would be the security implications of allowing any user to do this?
> > As I see it:
> > 	. the targer user might be able to write some files previously
> > 	opened by the source user, but the source user needs to beware.
> Right.
> > 	. the source user mmight know of a buffer overflow in some
> > 	command when reading a high file descriptor. Administrator
> > 	beware. Of course this is more likely for STDIN than anything
> > 	else.
> That's a good point.  This is especially relevant for programs using
> select and non-dynamic fd_set buffers.
> > Is a sudoers file flag required because of the latter issue?
> Probably.  In an ideal world any extra  fds should be closed before
> sudoers is parsed.  I suppose it is not too dangerous to defer this
> until just before the program is executed, though.
>  - todd

Anthony R Iano-Fletcher        
  Room 2033, Building 12A,        http://dcb.cit.nih.gov/~arif
  National Institutes of Health,  Anthony.Iano-Fletcher at nih.gov
  12A South Drive, Bethesda,      Phone: (+1) 301 402 1741.
  MD 20892-5624, USA.

More information about the sudo-workers mailing list