|Here's a patch that I wrote to address that security "hole" in
|config.guess. I sent it to [EMAIL PROTECTED] on June 4, 2002 but
|have not heard from them since. The patch works with GNU config.guess
|2002-05-29, available at ftp://ftp.gnu.org/pub/gnu/config/config.guess
|
|
|The patch tries to
Lawrence;
I see that the key here is that the attacker is a user with local access to a
system (be it by login, security hole in another binary giving shell access as
that binary's user, etc). The admin merely runs the innocent package, and due
to the attacker's symlinks, causes damage to his ow
Here's a patch that I wrote to address that security "hole" in config.guess.
I sent it to [EMAIL PROTECTED] on June 4, 2002 but have not heard from
them since. The patch works with GNU config.guess 2002-05-29, available at
ftp://ftp.gnu.org/pub/gnu/config/config.guess
The patch tries to ensure
>Effort to reduce this kind of a security "hole" are quite fruitless, so
>long as I
>or anyone can build a ./configure that will simply "rm -fr /*";
Please correct me if I'm wrong, but doesn't that again inaccurately assume
what David pointed out: that the attacker and distributor/provider are
Effort to reduce this kind of a security "hole" are quite fruitless, so long as I
or anyone can build a ./configure that will simply "rm -fr /*"; nevertheless, I do
support David's comment:
> 2. A non-root mindset should be encouraged. Indeed, I'd support a case
> for a default of "if root th
On Sat, 8 Jun 2002, Bernd Jendrissek wrote:
> On Fri, Jun 07, 2002 at 04:50:23PM -0400, Lawrence Teo wrote:
> > My point is, if config.guess can be hardened against such potential symlink
> > attacks, why shouldn't it be? Of course, it would be great to educate all
> > admins not to build stuff
> > Likewise, having a "hardened" config.guess file would not necessarily
> > prevent symlink attacks, but it'll definitely make it much harder for an
> > attacker to exploit it, even if the admin is sloppy.
>
>An attacker is hardly likely to distribute a "hardened" config.guess
Of course the att
On Fri, Jun 07, 2002 at 04:50:23PM -0400, Lawrence Teo wrote:
> My point is, if config.guess can be hardened against such potential symlink
> attacks, why shouldn't it be? Of course, it would be great to educate all
> admins not to build stuff as root. But it would also be a responsible thing
>
definitely make it much harder for an
attacker to exploit it, even if the admin is sloppy.
Lawrence
>From: Allan Clark <[EMAIL PROTECTED]>
>To: Lawrence Teo <[EMAIL PROTECTED]>
>CC: [EMAIL PROTECTED]
>Subject: Re: Security vulnerability in automake
>Date: Sun, 09 Jun 2002 01
Allan Clark wrote:
>
> This is really not an issue;
There are a lot of sloppy people around.
I had a make check test divert its output to /dev/null,
only the test also changed the permissions of the output
file, too. Someone complained that /dev/null became r--r--r--.
It might be useful to chok
This is really not an issue; standard users cannot overwrite /etc/passwd
You don't compile/install unknown software as root, do you? If so, then
my configure file says this:
date > /etc/passwd
Sure, this could be replaced with a hashed random name, but the same
vulnerability remains. Don't b
> > I was learning Automake last night, and I think I found a security
> > vulnerability. I'm not sure if this is already known, but I couldn't
> > find it on Bugtraq. The security vulnerability is the insecure
> > creation of temporary files in the config.guess script which leads
> > to a race co
Lawrence Teo writes:
> I was learning Automake last night, and I think I found a security
> vulnerability. I'm not sure if this is already known, but I couldn't
> find it on Bugtraq. The security vulnerability is the insecure
> creation of temporary files in the config.guess script which leads
> t
I was learning Automake last night, and I think I found a security
vulnerability. I'm not sure if this is already known, but I couldn't
find it on Bugtraq. The security vulnerability is the insecure
creation of temporary files in the config.guess script which leads
to a race condition.
In the con
14 matches
Mail list logo
