lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <200411222039.iAMKdue308257@milan.maths.usyd.edu.au>
Date: Tue, 23 Nov 2004 07:39:56 +1100 (EST)
From: psz@...hs.usyd.edu.au (Paul Szabo)
To: bug-findutils@....org, bugtraq@...ession.spiral-arm.org,
	bugtraq@...urityfocus.com
Cc: parimiv@...haw.com, srevilak@...akeasy.net, martin.buchholz@....com,
	levon@...ementarian.org
Subject: Re:  Changes to the filesystem while find is running - comments?


James,

You asked on bugtraq:

> GNU find does a sanity check before and after calling chdir().  It
> stats the directory it's about to move into, and stats "." after
> chdir() succeeds.  It then compares the device numbers and inode
> numbers returned by he two stat() calls.  This is done in a function
> called wd_sanity_check().  If these are different, find prints an
> error and exits fatally (in versions up to and including GNU findutils
> 4.2.5.
> ...
> [ Shenanigans with automounter upset wd_sanity_check() ]
> As of findutils 4.2.6/4.2.7, find will read /etc/mtab ...
> [ Shenanigans in Solaris automounter upset mtab check ]
> ... Hence my question is :-
>     Is it worthwhile at all to perform this "sanity check" or is it of 
>     insufficient benefit?
> I'd be grateful for your thoughts.

What I would like to see implemented (in some messy pseudo-code, starting
in parent directory):

  PARENT=stat(".");
  SUBDIR=stat("subdir");
  chdir("subdir");
  DOT=stat(".");
  if (SUBDIR != DOT) {
    Print warning message
  }
  else {
    Go on with find (recurse)
  }
  chdir("..");
  DOT=stat(".");
  if (PARENT != DOT) {
    Print message
    Exit with fatal error
  }

Do not descend into "dodgy" directories, but back out of them; exit fatally
if you cannot get back to solid ground.

Is this doable?

Cheers,

Paul Szabo - psz@...hs.usyd.edu.au  http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics  University of Sydney   2006  Australia

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ