[21655] in bugtraq
Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities)
daemon@ATHENA.MIT.EDU (der Mouse)
Thu Jul 19 13:18:32 2001
Date: Thu, 19 Jul 2001 01:11:29 -0400 (EDT)
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
Message-Id: <200107190511.BAA00586@Twig.Rodents.Montreal.QC.CA>
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
To: bugtraq@securityfocus.com
>> file:///dev/pty0
> However, the UNIX API has a very simple and *reliable* way around this:
> stat(2)
That's good enough to defend against hostile remote content - though as
someone pointed out, it's arguably broken to obey file: URLs at all
from anything but another file:. (Or when user-specified, of course.)
However, using stat() still leaves you vulnerable to local races of the
sort I'm sure we've all seen far more examples of than we'd like.
I'm not even sure I'd want to disable device file:s, actually. To
(probably mis-)quote someone or other, "UNIX does not prevent you from
doing stupid things because that would also prevent you from doing
clever things".
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML mouse@rodents.montreal.qc.ca
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
