[3211] in bugtraq
Re: libresolv+ bug
daemon@ATHENA.MIT.EDU (Alan Cox)
Mon Aug 19 14:26:56 1996
Date: Mon, 19 Aug 1996 09:18:41 +0100
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: Alan Cox <coxa@cableol.net>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: <199608190719.JAA15932@albano> from "Casper Dik" at Aug 19,
96 09:19:17 am
> Reading a restricted file is not that much of a problem as long as you keep
> the contents of the files secret, i.e., don't print "root:<pw>:::": parse
> error at line 1. Validate your input (for $TZ and $TERMINFO/$TERMCAP,
> validating input is pretty easy, $TZ and $TERM* will only reveal
> information if it happens to be in the right format)
In the case of resolv, user resolv files should only be read if they are
accessible as that user. This means going through all the usual mess because
the designers of Unix didn't anticipate the fact that open(...., O_ASRUID)
would have been useful.
Then fix the buffer overruns, then we might get somewhere.
Alan
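
One way a set-id program can read a user-supplied resolver file only with that user's own access rights, shown as an added example that is not part of the original message and is not libresolv code. It assumes POSIX saved set-user-ID semantics; the function name open_as_real_user is hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper, not libresolv code: open `path` read-only while the
 * effective IDs are set to the real IDs, so the kernel's own permission
 * check decides whether the invoking user may read the file. */
int open_as_real_user(const char *path)
{
    uid_t saved_euid = geteuid();
    gid_t saved_egid = getegid();
    struct stat st;
    int fd, err;

    /* Group first: once the euid is unprivileged, setegid() may be refused. */
    if (setegid(getgid()) != 0)
        return -1;
    if (seteuid(getuid()) != 0) {
        err = errno;
        if (setegid(saved_egid) != 0)
            abort();
        errno = err;
        return -1;
    }

    /* O_NONBLOCK keeps a FIFO planted at `path` from hanging the open. */
    fd = open(path, O_RDONLY | O_NOCTTY | O_NONBLOCK);
    err = errno;

    /* Restore via the saved set-IDs; never continue half-privileged. */
    if (seteuid(saved_euid) != 0 || setegid(saved_egid) != 0)
        abort();
    if (fd < 0) {
        errno = err;
        return -1;
    }
    /* Check the descriptor, not the path, so there is no window to swap it. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        errno = EACCES;
        return -1;
    }
    return fd;
}
```

Because the open itself runs with the real user's IDs, there is no separate access() check that could go stale before the file is opened.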