Message-ID: <4C0355A6F95639418CEE43EB898354FC04B04C8E@EXSTORE1.zdv.uni-mainz.de>
Date: Thu, 5 Feb 2004 14:05:28 +0100
From: "Muders, Thomas" <muders@...-mainz.de>
To: <bugtraq@...urityfocus.com>
Cc: bug-libtool@....org,
Stefan Nordhausen <deletethis.nordhaus@...ormatik.hu-berlin.de>
Subject: RE: Symlink Vulnerability in GNU libtool <1.5.2
Hello,
> Hm, interesting. That is the exact same bug that I found. As for the
> race with chmod: Do you know of a really good way to exploit this one? I
> can only think of pretty harmless things to do with this. You could fix
> this by using something like:
>
> (umask 077 && mkdir $tmpdir) || exit 1
>
There is an option "-m" for mkdir which sets the mode on creation. That makes sense, anyway, as the syscall for mkdir has a "mode" argument, too.
Or are there portability issues with that one?
regards,
Thomas
--
muders@...-Mainz.DE | Johannes Gutenberg-Universität Mainz
Systemabteilung/Unix | Zentrum für Datenverarbeitung
Tel: +49-6131-39-26015 | 55099 Mainz
Fax: +49-6131-39-56015 | Tel: +49-6131-3926300
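
The two creation methods discussed in this thread, side by side, as an added example that is not part of the original message or of libtool. The function names and the scratch paths are hypothetical; each variant creates the directory already private, verifies the result, and is run against a pre-planted symlink.

```shell
#!/bin/sh
# Added example; all paths are constructed for this demo.

# Print the type and permission bits of a path, e.g. "drwx------".
dir_mode() { ls -ld "$1" | cut -c1-10; }

# Accept the path only if it is a real directory (not a symlink) with mode 0700.
verify_private() {
    [ -d "$1" ] && [ ! -L "$1" ] && [ "$(dir_mode "$1")" = "drwx------" ]
}

# Variant 1, from the quoted reply: tighten the umask in a subshell so the
# directory is created private and no later chmod is needed.
make_private_dir() {
    (umask 077 && mkdir "$1") 2>/dev/null || return 1
    verify_private "$1"
}

# Variant 2, from the reply: hand the mode to mkdir with -m.
make_private_dir_m() {
    mkdir -m 700 "$1" 2>/dev/null || return 1
    verify_private "$1"
}

# Demo in a scratch directory: a pre-planted symlink must be refused, because
# mkdir fails on any existing path instead of following it.
demo() {
    base=$(mktemp -d) || return 1
    ln -s /nonexistent-target "$base/planted"
    for fn in make_private_dir make_private_dir_m; do
        if "$fn" "$base/planted"; then echo "$fn: accepted planted path"
        else echo "$fn: refused planted path"; fi
        if "$fn" "$base/$fn"; then echo "$fn: created $(dir_mode "$base/$fn")"
        else echo "$fn: creation failed"; fi
    done
    rm -rf "$base"
}
demo
```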