lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 23 Nov 2004 22:17:51 +0000
From: James Youngman <bugtraq@...ession.spiral-arm.org>
To: Troy <tjk@...oft.com>
Cc: srevilak@...akeasy.net, parimiv@...haw.com, martin.buchholz@....com,
	levon@...ementarian.org, bugtraq@...urityfocus.com, bug-findutils@....org
Subject: Re: Changes to the filesystem while find is running - comments?


On Tue, Nov 23, 2004 at 01:58:00PM -0800, Troy wrote:
> James,
> 
> Would it be possible to replace the sanity check for inode number with a
> sanity check for cwd and directory name? After all, if the directory is 
> moved (renamed or given another parent directory) while find is running, 
> then the CWD will have changed. On the other hand, if stat'ing or chdir'ing 
> the directory has caused automount to mount a new filesystem on it, the 
> CWD will not have changed. This would seem to be a fix.
> 
> What do you think?

Checking the result of getcwd() would have substantially the right
effect.  It encapsulates the "did we end up where we expected?"
condition, too.

Unfortunately on most systems it's pretty expensive (it stats "." and
then does opendir(".."), calling stat() on each entry to find the
basename of the current directory, and then repeats this process with
the parent directory).  That is problematic from our point of view,
firstly because of the impact on performance but also because it does
filesystem traversal without checking things.  Protecting ourselves
while we are moving up the directory hierarchy also becomes a lot more
complicated if our method of protecting ourselves does in fact move up
the directory hierarchy itself.

There are systems on which getcwd() is actually a system call but not
all systems are like that.

Thanks.
James.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ