Bugtraq mailing list archives
Re: hole in sudo for MP-RAS.
From: Todd.Miller () COURTESAN COM (Todd C. Miller)
Date: Mon, 12 Jan 1998 21:02:51 -0700
The real problem is that there is an assumption in the path matching code that things will start with '/' but they can also, of course, start with '.'. Here's the "official" patch if you will... - todd --- parse.c 1996/11/14 02:37:16 1.76 +++ parse.c 1998/01/13 03:59:35 @@ -218,7 +218,7 @@ static char *c; /* don't bother with pseudo commands like "validate" */ - if (*cmnd != '/') + if (*cmnd != '/' && *cmnd != '.') return(FALSE); /* only need to stat cmnd once since it never changes */
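Review bot: The changed `if (*cmnd != '/' && *cmnd != '.')` test still looks only at the first character of cmnd, so a relative path that begins with neither character (for example `bin/ls`) still takes the early `return(FALSE)`, while any name that merely begins with '.' now falls through to the stat code below. If the intent is "treat anything that is a path as a path", consider testing for a '/' anywhere in cmnd (for example `strchr(cmnd, '/') == NULL`) rather than enumerating leading characters. The comment above the test should also be updated, since it still describes the check only in terms of pseudo commands like "validate".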