Bugtraq mailing list archives
Re: libresolv+ bug
From: dholland () hcs harvard edu (David Holland)
Date: Mon, 19 Aug 1996 14:26:37 -0400
Reading restricted file is not that much of a problem as long as you keep the contents of the files secret, i.e., don't print "root:<pw>:::": parse error at line 1. Validate your input (for $TZ and $TERMINFO/$TERMCAP, validating input is pretty easy, $TZ and $TERM* will only reveal information if it happens to be in the right format).

In the case of resolv, user resolv files should only be read if they are accessible as that user. This means going through all the usual mess because the designers of Unix didn't anticipate the fact that open(...., O_ASRUID) would have been useful.
One could argue that in a setuid program such user-supplied settings should be ignored.

--
 - David A. Holland             | Number of words in the English language that
   dholland () hcs harvard edu  | exist because of typos or misreadings: 381