Bugtraq mailing list archives

Re: Race conditions - patch.


From: aleph1 () DFW NET (Aleph One)
Date: Mon, 23 Feb 1998 10:38:42 -0600


On Mon, 23 Feb 1998, Theo de Raadt wrote:

> I must say this, though I suspect Aleph1 will be starting to get
> annoyed at both sides of this silly discussion:

You are correct.

> I am quite fascinated at the extent to which people will go to avoid
> fixing the /tmp races in the programs in question.
>
> To me it is quite clear that your patches are breaking the
> expectations which regular code has in a POSIX/UNIX environment,
> ie. expectations that /tmp works.
>
> Perhaps your next patch will make it impossible to create directories
> or files in /tmp.
>
> Because, as I am sure you do realize, it is very easy to effect denial
> of service attacks by creating a directory where a program expects a
> file, or a file where a program expects to create a directory.
>
> So... how much longer is this futile slashing going to continue?

The point you miss, Theo, is that everyone is not in your position.
Not all software one may wish to use comes with the base operating system.
Even with such a well audited code base as that of OpenBSD. Neither do
most people have the knowledge nor the time to spend auditing such code.
For these people a patch that makes the stack non-executable or world
writable directories with the sticky bit more difficult to use in an
exploit is a good reasonable security layer to add to their system.
Security is seldom a matter of absolutes. Whatever makes an attacker's work
more difficult should be used.

We have already beaten this issue to death. Let's let it rest.

Aleph One / aleph1 () dfw net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01


