lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 26 Nov 2004 15:23:48 +1100 (EST)
From: Tim Nelson <security@...alive.biz>
To: James Youngman <bugtraq@...ession.spiral-arm.org>
Cc: Steve Revilak <srevilak@...akeasy.net>, parimiv@...haw.com,
	martin.buchholz@....com, levon@...ementarian.org,
	bugtraq@...urityfocus.com, bug-findutils@....org
Subject: Re: Changes to the filesystem while find is running - comments?


On Thu, 25 Nov 2004, James Youngman wrote:

> On Thu, Nov 25, 2004 at 09:45:25AM +1100, Tim Nelson wrote:
>
>> 	Ok, so the sequence in find is currently (in pseudo-perl):
>> -----------
>> $old = stat $dir;
>> chdir $dir;
>> $new = stat $dir;
>> wd_sanity_check($old, $new);
>> -----------
>
> No, we lstat(".") rather than $dir.
>
>> 	If your information is correct, then what we need to do is
>> something like:
>> -----------
>> $tmp = $dir . '.';
>> $old = stat $tmp;
>> chdir $dir;
>> $new = stat $tmp;
>> wd_sanity_check($old, $new);
>> -----------
>>
>> 	Would that do it, or am I missing something?
>
> What we need to do - and what we do do - is this -
>
> $tmp = <base name of subdirectory>;

 	According to the description by Steve Revilak which was sent 
through, if you at this point do:

$tmp = $tmp + '.';

 	...then that will fix the problem.  So instead of statting eg. 
"/usr/local/bin", you'll be statting "/usr/local/bin/." (note the dot in 
the second one).

> $old = lstat $tmp;   /* line A */
> chdir $dir;          /* line B */
> $new = lstat ".";    /* line C */
> wd_sanity_check($old, $new);
>
>
>> 	Assuming that accessing /mount/SUBDIR/. also triggers a mount on
>> the other OSs, the example above should work on everything.  If it
>> doesn't, we might have to do two stats the first time, one on $dir and
>> then one on $tmp.
>
> On Solaris, the filesystem gets mounted at either line B or C (I'm not
> sure which).  Hence wd_sanity_check() needed to be changed to
> understand why $old differs from $new in this case.

 	Point C, according to Steve Revilak.

 	:)

-- 
Tim Nelson
Server Administrator
WebAlive Technologies Global
Level 1 Innovation Building, Digital Harbour
1010 LaTrobe Street
Docklands, Melbourne, 
Vic, 3008
Phone: +61 3 9934 0812
Fax: +61 3 9934 0899
E-mail: tim.nelson@...alive.biz
http://www.webalive.biz/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ