|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: glibc env. vars. (again)
From: Chris Evans (chris
ferret.lmh.ox.ac.uk)Date: Wed May 24 2000 - 16:30:51 CDT
- Next message: Chris Evans: "Re: glibc env. vars. (again) (fwd)"
- Previous message: Alan Cox: "Re: glibc env. vars. (again)"
- In reply to: Alan Cox: "Re: glibc env. vars. (again)"
- Next in thread: Matthew Kirkwood: "Re: glibc env. vars. (again)"
- Next in thread: Chris Evans: "Re: glibc env. vars. (again)"
- Reply: Chris Evans: "Re: glibc env. vars. (again)"
- Reply: Matthew Kirkwood: "Re: glibc env. vars. (again)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wed, 24 May 2000, Alan Cox wrote:
> > * we need a sysctl to turn suid / /dev/null hooking on and off
>
> No we need non stupid glibc bugs.
>
> > * glibc probably shouldn't allow this
>
> probably ??? definitely.
>
> Thats a glibc security hole period
I think it's safe -
__libc_start_main() (sysdeps/generic/libc-start.c)
...
/* Set the global _environ variable correctly. */
__environ = &argv[argc + 1];
/* Some security at this point. Prevent starting a SUID binary where
the standard file descriptors are not opened. */
if (__libc_enable_secure)
check_standard_fds ();
So fd 0,1,2 are sanitized before anything gets a chance to do something
depending upon the environment. I believe? Alan, Matt - whack me with the
clue hammer if neccessary ;-)
Cheers
Chris
- Next message: Chris Evans: "Re: glibc env. vars. (again) (fwd)"
- Previous message: Alan Cox: "Re: glibc env. vars. (again)"
- In reply to: Alan Cox: "Re: glibc env. vars. (again)"
- Next in thread: Matthew Kirkwood: "Re: glibc env. vars. (again)"
- Next in thread: Chris Evans: "Re: glibc env. vars. (again)"
- Reply: Chris Evans: "Re: glibc env. vars. (again)"
- Reply: Matthew Kirkwood: "Re: glibc env. vars. (again)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]