Subject: Re: aaa_base still vulnerable after upgrade
From: Valdis.Kletnieks@VT.EDU
Date: Mon May 01 2000 - 09:06:19 CDT
On Sat, 29 Apr 2000 23:08:42 +0200, Matthias Andree <ma@DT.E-TECHNIK.UNI-DORTMUND.DE> said:
> marc@suse.de (Marc Heuse) writes:
> There is no point in discussing this. One simply does not code rm -f
> $DEL_FILE, but rm -f "$DEL_FILE", or better, not even mess with so much
> scripts if a simple find will do (see the announcement).
Note that "simple find" will *still* have problems doing it correctly and
securely. There was a whole thread about this back in the '95-'96 timeframe
about 'find <whatever> | xargs rm' being insecure, which led to a discussion
of using 'find <whatever> -exec rm' which was STILL insecure.
> > > touch "/tmp/x /etc/rc.config"
> >
> > btw have you ever tried out this command? It won't work. A filename is not
> > allowed to have a slash in its name ...
>
> That's correct, I missed that (fails with 'no such file or directory'
> since there is no "/tmp/x " directory here). Still, you can delete
Try this:
mkdir -p "/tmp/x /etc/"
touch "/tmp/x /etc/rc.config"
The problem is you can't 'touch /A/B/C/D' if /A/B/C and/or /A/B don't exist
yet.
-- Valdis Kletnieks Operating Systems Analyst Virginia Tech
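
The word splitting discussed in this message, as an added example that is not part of the original post: it rebuilds the "/tmp/x /etc/rc.config" name inside a mktemp sandbox and runs the unquoted and the quoted rm against it. The function names and the sandbox layout are assumptions, and the sandbox path is assumed to contain no whitespace.

```shell
#!/bin/sh
# Added illustration; everything happens inside a mktemp sandbox.
# Assumption: the sandbox path itself contains no whitespace.

# Build the sandbox: a stand-in for /etc/rc.config, plus the thread's
# "/tmp/x /etc/rc.config" name re-rooted under the sandbox.
make_sandbox() {
    sb=$(mktemp -d) || return 1
    mkdir -p "$sb/etc" "$sb/tmp/x $sb/etc" || return 1
    echo "config" > "$sb/etc/rc.config"
    : > "$sb/tmp/x $sb/etc/rc.config"
    printf '%s\n' "$sb"
}

# Form criticised in the thread: the unquoted expansion is word-split,
# so rm receives two arguments, ".../tmp/x" and ".../etc/rc.config".
cleanup_unquoted() {
    DEL_FILE=$1
    rm -f $DEL_FILE
}

# Quoted form: rm receives the single name, space included.
cleanup_quoted() {
    DEL_FILE=$1
    rm -f "$DEL_FILE"
}

# Run one cleanup function (hypothetical name passed as $1) on the
# crafted name; return 0 if the stand-in rc.config is still there.
protected_survives() {
    sb=$(make_sandbox) || return 2
    "$1" "$sb/tmp/x $sb/etc/rc.config"
    if [ -f "$sb/etc/rc.config" ]; then rc=0; else rc=1; fi
    rm -rf "$sb"
    return $rc
}

for fn in cleanup_unquoted cleanup_quoted; do
    if protected_survives "$fn"; then
        echo "$fn: rc.config intact"
    else
        echo "$fn: rc.config deleted"
    fi
done
```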