[1105] in linux-security and linux-alert archive


Re: [linux-security] RESOLV_HOST_CONF

daemon@ATHENA.MIT.EDU (route@onyx.infonexus.com)
Wed Aug 28 20:06:34 1996

From: route@onyx.infonexus.com
To: dholland@hcs.HARVARD.EDU (David Holland)
Date: Tue, 27 Aug 1996 18:08:59 -0700 (PDT)
Cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <199608260749.DAA26408@hcs.harvard.edu> from "David Holland" at Aug 26, 96 03:49:14 am


	The RESOLV_HOST_CONF exploit fix:

From the `init_services()` function in inet/gethstnmad.c:
This is where the RESOLV_HOST_CONF environment variable is passed.


        if(NULL==(hostconf=getenv(ENV_HOSTCONF))){
                hostconf=_PATH_HOSTCONF;
        }


All we need to add is some UID checking... 
         

        /* If our UID is not equal to our EUID, do not pass the env */
        if(getuid()!=geteuid() || NULL==(hostconf=getenv(ENV_HOSTCONF))){
                /* setuid, or variable unset: fall back to the default path */
                hostconf=_PATH_HOSTCONF;
        }
         


-- 
[ route@infonexus.com ]  Editor, Phrack Magazine / Guild Corporation Chair

	       the greatest trick the devil ever pulled was
		   convincing the world he didn't exist
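
Added example, not part of the original message or of libc: the same check written as a standalone, testable C function. It goes slightly beyond the snippet above by also comparing real and effective GID and by treating an empty variable as unset. The names choose_hostconf, hostconf_path, HOSTCONF_ENV and DEFAULT_HOSTCONF are hypothetical, and "/etc/host.conf" is assumed to be the value of _PATH_HOSTCONF.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

#define HOSTCONF_ENV     "RESOLV_HOST_CONF"  /* variable named in the thread */
#define DEFAULT_HOSTCONF "/etc/host.conf"    /* assumed _PATH_HOSTCONF value */

/*
 * Pure decision function: takes the IDs and the environment value as
 * arguments so the policy can be exercised without building a setuid binary.
 * The override is honoured only when real and effective IDs match, i.e. the
 * process holds no privilege that its invoker lacks.
 */
const char *choose_hostconf(uid_t uid, uid_t euid, gid_t gid, gid_t egid,
                            const char *env_value)
{
    if (uid != euid || gid != egid)
        return DEFAULT_HOSTCONF;      /* privileged: ignore the environment */
    if (env_value == NULL || env_value[0] == '\0')
        return DEFAULT_HOSTCONF;      /* unset or empty: use the default */
    return env_value;                 /* unprivileged: caller may override */
}

/* Wrapper that applies the policy to the running process. */
const char *hostconf_path(void)
{
    return choose_hostconf(getuid(), geteuid(), getgid(), getegid(),
                           getenv(HOSTCONF_ENV));
}

int main(void)
{
    /* Constructed sample value standing in for a user-supplied path. */
    const char *sample = "/home/user/my-host.conf";

    printf("this process      : %s\n", hostconf_path());
    printf("simulated setuid  : %s\n",
           choose_hostconf(1000, 0, 100, 100, sample));
    printf("simulated ordinary: %s\n",
           choose_hostconf(1000, 1000, 100, 100, sample));
    return 0;
}
```

On current glibc, secure_getenv() performs this kind of privilege check in a single call.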
