Date: Thu, 26 Aug 1999 12:46:25 -0600 From: Warner Losh <imp@village.org> To: Paul Hart <hart@iserver.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: FreeBSD (and other BSDs?) local root explot] Message-ID: <199908261846.MAA66821@harmony.village.org> In-Reply-To: Your message of "Thu, 26 Aug 1999 12:28:44 MDT." <Pine.BSF.3.96.990826122620.4391H-100000@anchovy.orem.iserver.com> References: <Pine.BSF.3.96.990826122620.4391H-100000@anchovy.orem.iserver.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.BSF.3.96.990826122620.4391H-100000@anchovy.orem.iserver.com> Paul Hart writes: : Has anyone investigated patches to the fts(3) functions in libc? We've : seen kernel patches (to stop following symbolic links when dumping core?) : but it would be nice to fix the fts(3) bugs as well that started all of : this. Bruce has done that. He's trying to get them to the point he's happy with them and track down all the implied POSIX issues that might result from changing fts. I will admit that I've been slow in the past to review some of the changes he wanted to make to fix this problem, mostly due to heavy work loads at the time. In the past few days several patches to different areas of the system have been flooding through my mailbox for review on this problem. This is both good and bad. This exploit pointed out several bugs. periodic shouldn't allow its children to dump core (since you don't want new core files in your dump every day), core dumps *MUST*NOT* follow symbolic links (which they didn't do in 2.x, but there was some back sliding in 3.x and 4.x in this area), fts has an overflow which can cause problems in large, wide trees. Had any one of these been different, the problem would not have happened. There are also some downstream issues with many programs not doing proper error checking (eg, if ssh sees bogons in its authorized_keys file, it should abort not ignore them), but that doesn't solve the "file assasination" problems, it merely works around them. I'm working on some administrivia right now to get the advisories to happen properly... Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199908261846.MAA66821>