lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <000301c4d199$403bf850$86c8a8c0@MervaSBS2003.local>
Date: Tue, 23 Nov 2004 21:16:01 +0100
From: "James Youngman" <bugtraq@...ession.spiral-arm.org>
To: <kbo@....tiscali.de>
Cc: srevilak@...akeasy.net, parimiv@...haw.com, martin.buchholz@....com,
	levon@...ementarian.org, bugtraq@...urityfocus.com, bug-findutils@....org
Subject: Re: Changes to the filesystem while find is running - comments?


On Tue, Nov 23, 2004 at 12:38:52PM +1100, Paul Szabo wrote:

> [ James wrote ]

> > This algorithm is certainly robust, but it will never descend into an
> > automount directory hierarchy.  Do you think we can do better than
> > that without opening the door to more exploits?
> 
> Hmm... It would not descend into just-now-changed automounts (and it may
> not be able to get back out of them), but it should be able to traverse
> reasonably long-lived mounts.

The problem is though that when you chdir() into an automount mount
point, automount aill automatically mount it for you.  Hence if an
automount filesystem wasn't already mounted, if you chdir() into it it
immediately becomes a "just-now-changed" mount point.  That's the
essensce of the problem I am trying to solve.

Regards,
James

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ