Bugtraq mailing list archives
Re: ================================ GNU Core Utilities race condition file-permissions vulnerability ================================ Software: mkdir, mknod, mkfifo Version: Part of GNU Core Utilities 5.
From: "Pavel Kankovsky" <peak () argo troja mff cuni cz>
Date: Sat, 16 Apr 2005 19:22:44 +0200 (CEST)
On Wed, 6 Apr 2005, Imran Ghory wrote:
If a malicious local user has write access to a directory in which a target user is using mkdir/mknod/mkfifo with the -m (mode setting option) to create a file then a race condition bug can be exploited to make the change of permission apply to any file belonging to that user.
...and the next step will be an advisory about a race condition in chmod itself? Or, to be more precise, in the use of chmod, i.e. between the moment the user looks at the file and decides to change its attributes and the moment the change is done. And what about a nasty vulnerability in the shell making it possible to overwrite an arbitrary file of yours when you use ">" on a file in a directory writeable by other users? Not to mention hundreds of other programs being able to rewrite or modify existing files. Don't take me wrong: I understand there is a problem out there. But I am afraid its roots are much deeper than "there is a race condition in utility xyz". --Pavel Kankovsky aka Peak
Current thread:
- ================================ GNU Core Utilities race condition file-permissions vulnerability ================================ Software: mkdir, mknod, mkfifo Version: Part of GNU Core Utilities 5.2.1 Software URL: <http://www.gnu.org/software/cor Imran Ghory (Apr 11)
- Re: ================================ GNU Core Utilities race condition file-permissions vulnerability ================================ Software: mkdir, mknod, mkfifo Version: Part of GNU Core Utilities 5. Pavel Kankovsky (Apr 16)