lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.60.0411261517560.3490@tnelson.webalive.biz> Date: Fri, 26 Nov 2004 15:23:48 +1100 (EST) From: Tim Nelson <security@...alive.biz> To: James Youngman <bugtraq@...ession.spiral-arm.org> Cc: Steve Revilak <srevilak@...akeasy.net>, parimiv@...haw.com, martin.buchholz@....com, levon@...ementarian.org, bugtraq@...urityfocus.com, bug-findutils@....org Subject: Re: Changes to the filesystem while find is running - comments? On Thu, 25 Nov 2004, James Youngman wrote: > On Thu, Nov 25, 2004 at 09:45:25AM +1100, Tim Nelson wrote: > >> Ok, so the sequence in find is currently (in pseudo-perl): >> ----------- >> $old = stat $dir; >> chdir $dir; >> $new = stat $dir; >> wd_sanity_check($old, $new); >> ----------- > > No, we lstat(".") rather than $dir. > >> If your information is correct, then what we need to do is >> something like: >> ----------- >> $tmp = $dir . '.'; >> $old = stat $tmp; >> chdir $dir; >> $new = stat $tmp; >> wd_sanity_check($old, $new); >> ----------- >> >> Would that do it, or am I missing something? > > What we need to do - and what we do do - is this - > > $tmp = <base name of subdirectory>; According to the description by Steve Revilak which was sent through, if you at this point do: $tmp = $tmp + '.'; ...then that will fix the problem. So instead of statting eg. "/usr/local/bin", you'll be statting "/usr/local/bin/." (note the dot in the second one). > $old = lstat $tmp; /* line A */ > chdir $dir; /* line B */ > $new = lstat "."; /* line C */ > wd_sanity_check($old, $new); > > >> Assuming that accessing /mount/SUBDIR/. also triggers a mount on >> the other OSs, the example above should work on everything. If it >> doesn't, we might have to do two stats the first time, one on $dir and >> then one on $tmp. > > On Solaris, the filesystem gets mounted at either line B or C (I'm not > sure which). Hence wd_sanity_check() needed to be changed to > understand why $old differs from $new in this case. Point C, according to Steve Revilak. :) -- Tim Nelson Server Administrator WebAlive Technologies Global Level 1 Innovation Building, Digital Harbour 1010 LaTrobe Street Docklands, Melbourne, Vic, 3008 Phone: +61 3 9934 0812 Fax: +61 3 9934 0899 E-mail: tim.nelson@...alive.biz http://www.webalive.biz/
Powered by blists - more mailing lists