Re: Generic wrapper

jrozesGUMBO.TCS.TUFTS.EDU

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Casper Dik: "Re: NIS+, Solaris 2.5.1"
• Previous message: Roman Maeder: "Re: libX11 overflow continued...."
• Next in thread: David Holland: "Re: Generic wrapper"

Look what Joe Zbiciak said on May 26, 10:03pm:
>
> Since there are a plethora of buffer overflows waiting to happen, and
> since the AUSCERT wrapper isn't sufficient for many people, I'm making
> my more generic wrapper available to all.

One caveat: this wrapper will break programs with symbolic links that perform
different functions of the wrapped program (like sendmail, which has links
for mailq and newaliases). This is because the wrapper resets argv[0] to the
name of the wrapper program before executing the wrapped program.

IRIX users will get nastily bit if they wrap /sbin/df, because /etc/devnm
(a symlink to df) will produce wierd results, causing the boot sequence to
fail to create the root device links /dev/root and /dev/rroot, along with
any tape device links. Your system will still boot normally, but you won't
have access to your tape drives and the system will claim that the root
filesystem is not mounted.

I commented out the offending line in the wrapper and things work as they
should now. What security implications are there to not resetting argv[0]?

Thanks,
jonathan

--
+++ Jonathan Rozes, Unix Systems Administrator, Tufts University
++  jrozestcs.tufts.edu, http://rozes.tcs.tufts.edu/
+   Remember, there's a difference between kneeling down and
    bending over --FZ

• Next message: Casper Dik: "Re: NIS+, Solaris 2.5.1"
• Previous message: Roman Maeder: "Re: libX11 overflow continued...."
• Next in thread: David Holland: "Re: Generic wrapper"