Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1996_1

Bugtraq archives for 1st quarter (Jan-Mar) 1996: Re: XFree86 3.1.2 Security Problems

Re: XFree86 3.1.2 Security Problems

Neil Readwin (nreadwinlondon.micrognosis.com)
Sat, 3 Feb 1996 01:44:45 +0000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Darren Reed: "Re: BoS: bind() Security Problems"
Previous message: David J Meltzer: "abuse Red Hat 2.1 security hole"
In reply to: Anthony C. Zboralski: "Re: XFree86 3.1.2 Security Problems"

Anthony C. Zboralski writes:
> Maybe someone could take a look at the server sources so it does a
> system("/bin/rm /tmp/.tX0-lock") just before it a write to the file..

That doesn't fix it since it leaves a race condition that could be
exploited using something like ...

        while(stat(TmpFile, &fileinfo) == 0)
                ;
        symlink(TargetFile, TmpFile);
--
 nreadwinmicrognosis.co.uk       Phone: +1 908 855 1221 x519
 Anything is a cause for sorrow that my mind or body has made

Next message: Darren Reed: "Re: BoS: bind() Security Problems"
Previous message: David J Meltzer: "abuse Red Hat 2.1 security hole"
In reply to: Anthony C. Zboralski: "Re: XFree86 3.1.2 Security Problems"