Re: Tripwire temporary files

From: Cy Schubert - ITSD Open Systems Group (Cy.Schubertat_private)
Date: Mon Jul 16 2001 - 15:50:51 PDT


    In message <20010713080836.A161232at_private>, "Jarno Huuskonen" 
    writes:
    > If you look a little below you'll see a call to FileDelete(strName); So
    > first you create a file with mkstemp and then unlink it. And because
    > cFileArchive::OpenReadWrite(line 708) then opens the same file(name) without
    > O_EXCL there still is a race. So I don't think this is a sufficient fix.
    > You should make cFileArchive::OpenReadWrite use O_EXCL.
    > I have --> untested <-- patch (probably fails horribly ;-) for this:
    > http://www.uku.fi/~jhuuskon/Patches/tripwire-2.3.1-2-O_EXCL.patch
    
    I applied your patch to the upcoming FreeBSD Tripwire-2.3.1 port.  I 
    tested it and it works!
    
    > 
    > > We haven't had a chance to install the commercial version yet, however 
    > > if the commercial version is vulnerable (I've notified TripwireSecurity 
    > > of the possibility and I'm betting dollars to donuts that it might be) 
    > > a possible workaround would be to create a shared library with a 
    > > function named mktemp which would call mkstemp() as in the patches 
    > > above, then execute tripwire using LD_PRELOAD to load the mktemp 
    > > wrapper.
    > 
    > On Thu, Jul 12, Cy Schubert - ITSD Open Systems Group wrote:
    > Back in January the binary tripwire 2.2.1 for linux was statically
    > compiled / linked. Can you use LD_PRELOAD with static executables?
    
    LD_PRELOAD only works on dynamically linked binaries.
    
    
    Regards,                         Phone:  (250)387-8437
    Cy Schubert                        Fax:  (250)387-5766
    Team Leader, Sun/Alpha Team   Internet:  Cy.Schubertat_private
    Open Systems Group, ITSD, ISTA
    Province of BC
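
The sequence discussed in this thread (mkstemp, then unlink, then reopen by name), shown as an added example that is not Tripwire code and not from either poster. It reproduces the window inside a private scratch directory and compares a reopen without O_EXCL against one with it. The function names, paths and exact open flags are assumptions made for the illustration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Reopen by name without O_EXCL: follows whatever now sits at the path. */
static int reopen_plain(const char *path) {
    return open(path, O_RDWR | O_CREAT, 0600);
}

/* Reopen with O_EXCL: fails with EEXIST if anything exists at the path,
 * including a symbolic link, which is never followed. */
static int reopen_excl(const char *path) {
    return open(path, O_RDWR | O_CREAT | O_EXCL, 0600);
}

/* Returns a bitmask: 1 = plain reopen wrote through the link,
 * 2 = O_EXCL reopen was refused with EEXIST; -1 on setup failure. */
int demo_reopen(void) {
    char dir[] = "/tmp/excl-demo-XXXXXX";        /* constructed scratch dir */
    char name[64], other[64];
    int fd, result = 0;
    if (mkdtemp(dir) == NULL) return -1;
    snprintf(name, sizeof name, "%s/twtempXXXXXX", dir);
    snprintf(other, sizeof other, "%s/other-file", dir);

    if ((fd = mkstemp(name)) < 0) return -1;     /* step 1: safe creation */
    close(fd);
    unlink(name);                                /* step 2: name is free again */
    if (symlink(other, name) != 0) return -1;    /* stand-in for the race window */

    if ((fd = reopen_plain(name)) >= 0) {        /* step 3 without O_EXCL */
        close(fd);
        if (access(other, F_OK) == 0) result |= 1;
        unlink(other);
    }
    fd = reopen_excl(name);                      /* step 3 with O_EXCL */
    if (fd < 0 && errno == EEXIST) result |= 2;
    else if (fd >= 0) close(fd);
    unlink(name);
    rmdir(dir);
    return result;
}

int main(void) { printf("mask = %d\n", demo_reopen()); return 0; }
```

A mask of 3 means the reopen without O_EXCL created the file the link pointed to, while the O_EXCL reopen was refused.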
    



    This archive was generated by hypermail 2b30 : Mon Jul 16 2001 - 21:53:39 PDT