Open Source and information security mailing list archives
 
Message-ID: <4C0355A6F95639418CEE43EB898354FC04B04C8E@EXSTORE1.zdv.uni-mainz.de>
Date: Thu, 5 Feb 2004 14:05:28 +0100
From: "Muders, Thomas" <muders@...-mainz.de>
To: <bugtraq@...urityfocus.com>
Cc: bug-libtool@....org,
	Stefan Nordhausen <deletethis.nordhaus@...ormatik.hu-berlin.de>
Subject: RE: Symlink Vulnerability in GNU libtool <1.5.2


Hello,

> Hm, interesting. That is the exact same bug that I found. As for the
> race with chmod: Do you know of a really good way to exploit this one? I
> can only think of pretty harmless things to do with this. You could fix
> this by using something like:
> 
> (umask 077 && mkdir $tmpdir) || exit 1
> 

There is an option "-m" for mkdir which sets the mode on creation. That makes sense, anyway, as the syscall for mkdir has a "mode" argument, too.

Or are there portability issues with that one?

regards,
	Thomas

--
muders@...-Mainz.DE        |  Johannes Gutenberg-Universität Mainz
Systemabteilung/Unix       |         Zentrum für Datenverarbeitung
Tel: +49-6131-39-26015     |                           55099 Mainz
Fax: +49-6131-39-56015     |                 Tel: +49-6131-3926300
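
The two ways of creating a private directory discussed in this message, side by side, as an added example that is not part of the original post or of libtool. The function names and the demo path are hypothetical; the point is that neither form needs a separate chmod step and both refuse a path that already exists.

```shell
#!/bin/sh
# Added example: create a directory that only its owner can access,
# without a window between mkdir and a later chmod.

# Form quoted in the thread. The subshell keeps the restrictive umask
# from leaking into the rest of the script.
private_dir_umask() {
    (umask 077 && mkdir -- "$1") 2>/dev/null
}

# Form suggested in the reply: hand the mode to mkdir itself.
# Whether every mkdir applies -m at creation time is the portability
# question the reply raises; this example does not settle it.
private_dir_mode() {
    mkdir -m 700 -- "$1" 2>/dev/null
}

# Post-creation check used by the demo: a real directory (not a
# symlink) whose permission string is exactly drwx------.
is_private_dir() {
    [ -d "$1" ] && [ ! -L "$1" ] &&
        [ "$(ls -ld -- "$1" | cut -c1-10)" = "drwx------" ]
}

# mkdir fails when the path already exists, including when it is a
# symlink someone else placed there, so the caller must treat a
# non-zero status as "do not use this path" rather than carry on.
demo_dir="${TMPDIR:-/tmp}/privdir-demo.$$"   # constructed sample path
if private_dir_mode "$demo_dir" && is_private_dir "$demo_dir"; then
    echo "created private directory $demo_dir"
    rmdir -- "$demo_dir"
else
    echo "refusing to use $demo_dir" >&2
fi
```
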
