Re: Linux patches to solve /tmp race problem

From: Valdis Kletnieks (Valdis.Kletnieksat_private)
Date: Wed Apr 25 2001 - 07:05:58 PDT

Next message: Przemyslaw Frasunek: "Re: Mercury for NetWare POP3 server vulnerable to remote buffer overflow"

Previous message: Andrew R. Reiter: "Re: x86 vulnerability ?"
In reply to: Donaldson, Matthew: "Re: Linux patches to solve /tmp race problem"
Next in thread: Donaldson, Matthew: "Re: Linux patches to solve /tmp race problem"
Next in thread: Kurt Seifried: "Re: Linux patches to solve /tmp race problem"
Reply: Donaldson, Matthew: "Re: Linux patches to solve /tmp race problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 24 Apr 2001 20:13:30 +0930, "Donaldson, Matthew" <matthewat_private>  said:
> (e.g. because it's non open-source).  Having something like this gives them
> the security that even if someone is doing the Wrong Thing(tm), it does not
> put them at risk.

Puts them at much less risk.  The risk is still non-zero.  (Consider - does
the patch fix race conditions that happen to involve both /tmp *and* '..'
in the pathname?  What *other* end conditions are there?  Remember that
"non executable stack" patches don't stop all buffer overflows, they just
make them a LOT harder to exploit.....
--
				Valdis Kletnieks
				Operating Systems Analyst
				Virginia Tech

application/pgp-signature attachment: stored

Next message: Przemyslaw Frasunek: "Re: Mercury for NetWare POP3 server vulnerable to remote buffer overflow"
Previous message: Andrew R. Reiter: "Re: x86 vulnerability ?"
In reply to: Donaldson, Matthew: "Re: Linux patches to solve /tmp race problem"
Next in thread: Donaldson, Matthew: "Re: Linux patches to solve /tmp race problem"
Next in thread: Kurt Seifried: "Re: Linux patches to solve /tmp race problem"
Reply: Donaldson, Matthew: "Re: Linux patches to solve /tmp race problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Apr 25 2001 - 18:08:57 PDT