lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20041125224032.GB7716@excession.spiral-arm.org>
Date: Thu, 25 Nov 2004 22:40:32 +0000
From: James Youngman <bugtraq@...ession.spiral-arm.org>
To: Tim Nelson <security@...alive.biz>
Cc: Steve Revilak <srevilak@...akeasy.net>, parimiv@...haw.com,
	martin.buchholz@....com, levon@...ementarian.org,
	bugtraq@...urityfocus.com, bug-findutils@....org
Subject: Re: Changes to the filesystem while find is running - comments?


On Thu, Nov 25, 2004 at 09:45:25AM +1100, Tim Nelson wrote:

> 	Ok, so the sequence in find is currently (in pseudo-perl):
> -----------
> $old = stat $dir;
> chdir $dir;
> $new = stat $dir;
> wd_sanity_check($old, $new);
> -----------

No, we lstat(".") rather than $dir.

> 	If your information is correct, then what we need to do is 
> something like:
> -----------
> $tmp = $dir . '.';
> $old = stat $tmp;
> chdir $dir;
> $new = stat $tmp;
> wd_sanity_check($old, $new);
> -----------
> 
> 	Would that do it, or am I missing something?

What we need to do - and what we do do - is this - 

$tmp = <base name of subdirectory>;
$old = lstat $tmp;   /* line A */
chdir $dir;          /* line B */
$new = lstat ".";    /* line C */
wd_sanity_check($old, $new);


> 	Assuming that accessing /mount/SUBDIR/. also triggers a mount on 
> the other OSs, the example above should work on everything.  If it 
> doesn't, we might have to do two stats the first time, one on $dir and 
> then one on $tmp.

On Solaris, the filesystem gets mounted at either line B or C (I'm not
sure which).  Hence wd_sanity_check() needed to be changed to
understand why $old differs from $new in this case.  

Other automounters mount the filesystem at A, which means that $old
and $new are the same, needing no fix.

Regards,
James.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ