bugtraq list archive, 2000

Re: Symlinks and Cryogenic Sleep
My post yesterday seems to have died during moderation. This happened to my last 2 incidentally - both looked worthwhile to me.

Olaf Kirch:

> That's not true for setuid processes. You're allowed to signal a process
> if _either_ the effective or the real uid match. Try running passwd in
> one window, in another type killall -STOP passwd.

Exactly. I tested it on linux-2.0.26, linux-2.2.12 and openbsd-2.5. No doubt Olaf selected SIGSTOP for his example because a handler cannot be installed for it.

Casper mentions ^Z:

> You can, but only from a terminal. (I.e., if you start su/passwd/rsh,
> etc, you can ^Z them)

But doesn't ^Z do SIGTSTP instead of SIGSTOP? I have no Solaris boxes here to test.

Goetz Babin-Ebell <babinebell@xxxxxxxxxxxxxx> posted some code with a number of flaws. It can leak open files as well as be raced.

I have a perl tool for scanning code for file races. It is based on a description by Bishop & Dilger of an unpublished scanner they wrote.

http://www.notatla.demon.co.uk/SOFTWARE/SCANNER/scanner-1.0b.tar.gz

My suggestion for upgrading Olaf's original code is to test the owner and group as well as the device and inode in the lstat,fstat comparison. Then an attacker can only switch a file for another of the same owner:group.

--
##############################################################
# Antonomasia   ant@xxxxxxxxxxxxxxxxxxx                      #
# See http://www.notatla.demon.co.uk/                        #
##############################################################
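
The check suggested in the message above, written out as an added example; it is not Olaf's code or any code posted in the thread. The helper name `open_checked` and the temp-file demo are assumptions made for illustration. It compares device, inode, owner and group between `lstat` and `fstat`, and closes the descriptor on any mismatch so a failed check leaves nothing open.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (name is an assumption): open path only if the object
 * we opened is the one lstat() saw, judged by device, inode, owner and group.
 * Returns an fd, or -1 with nothing left open. */
int open_checked(const char *path, int flags)
{
    struct stat before, after;
    int fd;

    if (lstat(path, &before) != 0 || !S_ISREG(before.st_mode))
        return -1;                      /* missing, symlink, device, dir... */

    fd = open(path, flags);
    if (fd < 0)
        return -1;

    if (fstat(fd, &after) != 0 || !S_ISREG(after.st_mode) ||
        after.st_dev != before.st_dev || after.st_ino != before.st_ino ||
        after.st_uid != before.st_uid || after.st_gid != before.st_gid) {
        close(fd);                      /* do not leak the fd on mismatch */
        return -1;
    }
    return fd;
}

/* Constructed demo: a temp file is accepted, a symlink to it is refused. */
int main(void)
{
    char file[] = "/tmp/open_checked_XXXXXX", lnk[64];
    int tmp = mkstemp(file), fd;

    if (tmp < 0) return 1;
    close(tmp);
    snprintf(lnk, sizeof lnk, "%s.lnk", file);
    if (symlink(file, lnk) != 0) { unlink(file); return 1; }

    fd = open_checked(file, O_RDONLY);
    printf("regular file: %s\n", fd >= 0 ? "opened" : "refused");
    if (fd >= 0) close(fd);
    printf("symlink:      %s\n", open_checked(lnk, O_RDONLY) >= 0 ? "opened" : "refused");

    unlink(lnk);
    unlink(file);
    return 0;
}
```

With all four fields compared, a file that ends up on the same device and inode number but with a different owner or group between the two calls is rejected.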