Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.1 6/24/83; site wjh12.UUCP Path: utzoo!linus!vaxine!wjh12!mrd From: mrd@wjh12.UUCP (Douglas) Newsgroups: net.unix-wizards Subject: A possible security bug fix Message-ID: <265@wjh12.UUCP> Date: Fri, 22-Jul-83 15:22:26 EDT Article-I.D.: wjh12.265 Posted: Fri Jul 22 15:22:26 1983 Date-Received: Fri, 22-Jul-83 21:59:06 EDT Organization: Harvard University PSR, Cambridge MA Lines: 9 Not too long ago there was a news item pointing out the potential for working mischief by running programs with file descriptors 0, 1 or 2 closed - for example, the program could open a file which would end up having file descriptor 2, and then write a message to standard error, modifying the file. Would there be any problems with requiring file descriptors 0, 1 and 2 to be open during an exec? (making an exception for pid 1, so the initial exec of /etc/init works).