[2725] in bugtraq
Re: system() call in suid programs
daemon@ATHENA.MIT.EDU (Max Hailperin)
Fri Jun 14 16:00:09 1996
Date: Fri, 14 Jun 1996 14:24:39 -0500
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Max Hailperin <max@gac.edu>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <199606141631.MAA17830@black-ice.cc.vt.edu>
(Valdis.Kletnieks@vt.edu)
Date: Fri, 14 Jun 1996 12:31:53 -0400
From: Valdis.Kletnieks@vt.edu
The worst part is that coding the fork/exec *yourself* takes only 5-6 lines
more, and you can shut down almost all of these attacks.
All though I more-or-less agree, it takes a significant enough amount
of work to shut them all down, and is easy enough to screw up, that
there is no point in not packaging up once and for all the code for
doing this into a library and then using that, rather than over and
over coding those 5-6 lines (or whatever it really is) by hand.
Sure enough, this has been done, namely by Matt Bishop in his msystem
library. I endorse the approach he took (packaging the code into a
library) more than necessarily endorsing (or speaking against) his
specific implementation -- I haven't done a careful security audit on
it to allow me to do that. However, the great thing about source code
distribution is that not only can you check his code, but also if you
find a bug in it, you can fix it! So why not take whatever energy
you'd put into crafting your own N+1st solution to the system(3) and
popen(3) problem and instead devote it to improving msystem (if it
needs it)?
-Max Hailperin
Assistant Professor of Computer Science
Gustavus Adolphus College
800 W. College Ave.
St. Peter, MN 56082
USA
