Hi. As this bug has now been lying around for more than one month, I decided to
look into a fix. It is not a very beautiful one, it is only partially
tested and it only works for systems which can fork, so please look over it
before applying it.
The idea is to fork off a process, change into the director

On Wed, Jan 12, 2005 at 05:02:41PM -0500, Aaron Sherman wrote:
>> [p5p:] If anyone had a cleaner (and cross-platform) fix, I'd love to
>> hear of it.
>
>Well, certainly relying on rm (and you assumed a "-v" option which,
>AFAIK, implies GNU rm specifically) is right out. I'm sure others will
>say th

On Wed, 2005-01-12 at 07:45, Brendan O'Dea wrote:
> >Example of attack: suppose we know that root uses rmtree to clean up
> >/tmp directories.
[...]
> >Root would have recorded the permissions of /tmp/psz/sh, but would
> >"restore" it to /bin/sh.
I'll discuss this one, below with my reply to Bren

Brendan O'Dea <[EMAIL PROTECTED]> wrote:
> both of these issues obviously stem from the same root cause--a race
> between generating a list of files, then manipulating that list.
The first issue "also" relies on Path.pm trying to be clever:
# notabene: 0777 is for making readable in

How does this relate to the Debian patch 22_fix_file_path
for CAN-2004-0452, which I'm pasting below?
That said, an implementation of rmtree() that uses /bin/rm
isn't suitable for inclusion in perl itself.
http://security.debian.org/pool/updates/main/p/perl/perl_5.6.1-8.8.diff.gz
[Adapted from C

On Thu, Dec 23, 2004 at 09:10:31AM +1100, Paul Szabo wrote:
>Package: perl-modules
>Version: 5.6.1-8.7
>Severity: critical
>File: /usr/share/perl/5.6.1/File/Path.pm
>Tags: security
>Justification: root security hole
>Example of attack: suppose we know that root uses rmtree to clean up
>/tmp direct