[309] in bugtraq
/dev/tcp, and a LD_LIBRARY_PATH question.
daemon@ATHENA.MIT.EDU (That Whispering Wolf...)
Fri Dec 2 18:47:28 1994
To: bugtraq@fc.net
Date: Fri, 02 Dec 1994 15:35:56 -0500
From: "That Whispering Wolf..." <elfchief@lupine.org>
Hokay, two questions.
The first, I already sent to bugtraq, but I haven't seen it, so assume it
got lost in the various bugtraq problems I've seen. Basically, it's this:
A while back someone talked about being able to crash 4.1.3 machines
by echoing garbage > /dev/tcp -- They also mentioned that there was a patch,
but not WHICH patch. I've searched my archives, and can't find any reference
to /dev/tcp, so I was wondering if anyone can give me pointers?
I've temporarilly changed the permissions of /dev/tcp to 600 -- I know this
breaks some machines (sockets can't get opened), but so far no problems on
4.1.3.
Second question: How can I write a program that keeps the LD_LIBRARY_PATH
variable from being exploited? i.e. the SUN 'login' bug where LD_LIBRARY_PATH
got exploited. I would ASSUME I could prevent this by doing something like:
putenv("LD_LIBRARY_PATH"), but that just seems too simple to be a true fix.
(If it's not complex, it's not right? :)
Hints? Tips?
-WW
