[19243] in bugtraq


Re: vixie cron possible local root compromise

daemon@ATHENA.MIT.EDU (Robert Bihlmeyer)
Thu Feb 15 17:59:13 2001

Message-Id:  <87k86s1540.fsf@hoss.orcus.priv.at>
Date:         Thu, 15 Feb 2001 13:51:43 +0100
Reply-To: Robert Bihlmeyer <robbe@ORCUS.PRIV.AT>
From: Robert Bihlmeyer <robbe@ORCUS.PRIV.AT>
X-To:         gabriel rosenkoetter <gr@ECLIPSED.NET>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  gabriel rosenkoetter's message of "Tue, 13 Feb 2001 15:56:32
              -0500"

gabriel rosenkoetter <gr@ECLIPSED.NET> writes:

> Perhaps mine was not the most thought-out reply, but people who use
> usernames longer than 8 characters should be aware that those
> usernames are NOT unique under POSIX, and useradd programs that
> allow them are at least *also* broken.

So? Programs using features that are optional under POSIX (i.e. not
required to be present on a POSIX-compliant system) are of course not
broken.

You say that on a system supporting 32 character usernames, "useradd"
should refuse to add names longer than 8 characters? A warning would
be ok, perhaps.

Note that a decent frontend will surely check for the one problem you
raise (which is not restricted to long usernames): uniqueness.

So, if a user "eightchr" exists, adding another user "eightchr" should
fail (otherwise I concur that the useradd in question is broken).
Adding "eightchrsareenough" will automatically fail with "user exists"
on systems considering only the first 8 characters, and will magically
work otherwise. No problem here.

> (No question that cron should do better bounds checking; my point
> was that that bounds checking should be added out of paranoia, not
> out of necessity.)

A fix IS necessary for correctness, not paranoia. Systems supporting
9, 32, or 1024 characters in usernames are entirely compliant with
relevant standards, and crontab has certainly no excuse on segfaulting
over this. Bailing out is the least it must do. Deal with any length
it should.

--
Robbe
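
Added example, not part of the original message and not cron's own code: the two behaviours the reply asks for (bail out cleanly on an over-long username, or deal with any length), plus the first-8-characters uniqueness case from the "eightchr" paragraph, in C. USER_BUF and all function names are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define USER_BUF 9   /* hypothetical fixed buffer: 8 characters + NUL */

/* Bail-out variant: copy into a fixed buffer and refuse names that do not
 * fit instead of writing past the end. Returns 0 on success, -1 with
 * errno = ENAMETOOLONG when the name is too long. */
int copy_user_fixed(char dst[USER_BUF], const char *name)
{
    size_t len = strlen(name);
    if (len >= USER_BUF) {
        errno = ENAMETOOLONG;
        return -1;               /* caller reports the error and exits */
    }
    memcpy(dst, name, len + 1);  /* length already checked, NUL included */
    return 0;
}

/* Any-length variant: size the buffer from the name itself.
 * Returns a heap copy the caller frees, or NULL if allocation fails. */
char *copy_user_any(const char *name)
{
    size_t len = strlen(name);
    char *copy = malloc(len + 1);
    if (copy != NULL)
        memcpy(copy, name, len + 1);
    return copy;
}

/* Uniqueness as seen by a system that compares only the first
 * `significant` characters of a username. Returns 1 on a collision. */
int names_collide(const char *a, const char *b, size_t significant)
{
    return strncmp(a, b, significant) == 0;
}

int main(void)
{
    char buf[USER_BUF];
    const char *names[] = { "eightchr", "eightchrsareenough" };  /* constructed */
    for (size_t i = 0; i < 2; i++)
        printf("%s: fixed=%d collide8=%d collide32=%d\n", names[i],
               copy_user_fixed(buf, names[i]),
               names_collide("eightchr", names[i], 8),
               names_collide("eightchr", names[i], 32));
    return 0;
}
```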

