[338] in linux-security and linux-alert archive
Re: problem with selection
daemon@ATHENA.MIT.EDU (Thomas Weber)
Fri Sep 1 08:35:17 1995
From: tom@pandemonium.saar.de (Thomas Weber)
To: R.E.Wolff@et.tudelft.nl
Date: Tue, 29 Aug 1995 17:08:34 +0200 (MET DST)
Cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <199508281100.NAA19452@dutecai.et.tudelft.nl> from "R.E.Wolff@et.tudelft.nl" at Aug 28, 95 01:00:23 pm
-----BEGIN PGP SIGNED MESSAGE-----
> > This patch seems to fix the problem:
               ~~~~~
> I'm starting to get wildly annoyed at people who think they can
> do security checks in setuid programs.
I was pretty sure that I would get some reactions like this. I was pretty
sure that my 'fix' wasn't the real solution. That's why I wrote "seems".
I'm not a programmer in the first place. I administrate some Unix machines
and I know of some of the security problems. I've never seen this problem
reported so I did it (and _tried_ to give a solution).
Now all that's coming back are remarks like how stupid it is to use selection,
to use it suid root and how bad this patch is.
> before running the previously published exploitation method. It now only
> has a 50% chance of succeeding. Bummer.
So well. As long as I don't have the time to find a better solution I'll
stay with this 50% solution. BTW, my selection.pid file rests in /var/run, so
it's not such a big problem for me anyway.
> (because of the unlink in the preceding program, you might have to modify
> the attack to create/delete the symlinks as fast as you can instead of
> moving them around.)
I expected this, and I hoped that someone would post a better solution,
that's why I mailed. But nothing so far :-(
Tom
- --
i feel like a falling leaf / departed from my source of life
dipping into the ground / to become one with the earth
todessehnsucht - wo bleibt die gerechtigkeit? -atrocity-