Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Wed, 20 Mar 2002 12:25:24 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Wed, 20 Mar 2002 12:25:14 -0500 Received: from [195.63.194.11] ([195.63.194.11]:41742 "EHLO mail.stock-world.de") by vger.kernel.org with ESMTP id ; Wed, 20 Mar 2002 12:24:59 -0500 Message-ID: <3C98C594.6070402@evision-ventures.com> Date: Wed, 20 Mar 2002 18:23:32 +0100 From: Martin Dalecki User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.9) Gecko/20020311 X-Accept-Language: en-us, pl MIME-Version: 1.0 To: Larry McVoy CC: "David S. Miller" , pavel@suse.cz, davej@suse.de, linux-kernel@vger.kernel.org Subject: Re: Bitkeeper licence issues In-Reply-To: <20020319002241.K17410@suse.de> <20020319220631.GA1758@elf.ucw.cz> <20020319152502.J14877@work.bitmover.com> <20020319.152759.06816290.davem@redhat.com> <20020319154436.N14877@work.bitmover.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Larry McVoy wrote: > On Tue, Mar 19, 2002 at 03:27:59PM -0800, David S. Miller wrote: > >> From: Larry McVoy >> Date: Tue, 19 Mar 2002 15:25:02 -0800 >> >> Come on Pavel, in order to make this happen, you have to >> >> a) run the installer as root >> b) know the next pid which will be allocated >> c) put the symlink in /tmp/installer$pid >> >>Exploit: Make all 65535 $pid simlinks >> >>It's very exploitable actually, and is similar in vein to >>all the ancient mktemp stuff. > > > Hey Dave, are you suggesting that no such exploits exist in Red Hat's > rpm system? In order for that to be true, rpm would have to be making > sure that each and every directory along any path that it writes is > not writable except by priviledged users. I just checked, it doesn't. > > We can sit here all day and make a big deal out of this, I think it's a > waste of time. I'm not an advocate of insecure software and I'm happy > to close any holes that people think need closing, but you're just > wasting time. This isn't an issue. If you really, really cared, there > is nothing to prevent you from downloading the BK image, unpacking it on > a throwaway machine, back it back up again in a shar file or whatever, > and then installing it. > > At some point, people get to take responsibility for their own choices. BTW> The proper way of using files in /tmp is not to make guessable filenames in the cathegory /tmp/gangbang$pid! Please explore the world of mkstemp() and friends on the manpages and forget about create() or O_* for this purpose. OK? As an added bonus you will not break export TMPDIR=~/mybed and firends for the paranoid users. This should be a reflex for someone with such a Sun heritage like you... And finally - please don't mistake me - I don't think that this issue is a big deal in this particular case... - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/