
List:       bugtraq
Subject:    RFD: libsuid
From:       VaX#n8 <vax () linkdead ! paranoia ! com>
Date:       1996-08-24 4:37:47

There are a few common goofs when making s[ug]id binaries.
I needn't run them down for you.  Thinking about race conditions in the
way most mailers write to files in publicly-writeable dirs led to a
fairly long solution -- perhaps worthy of putting in a library function.

If nothing like this has been done before, and we can think of a few
more things to add, I'd like to organize it.  I'd really like any ideas
you had for functions in this library, and of course if you donate code
proper attributions will be given.
If I get enough material, I'd like to distribute it under the BSD copyright,
except for any GNU autoconf bits of course.  No religious flames please;
I love free software.  Really.

Here are a few ideas just off the top of my head (bear with me, I
haven't done much research on these):
 "change to this uid, irrevocably"
   (on systems which require odious saved-setuid semantics that don't allow
    irrevocable loss of privilege, fail an assertion and/or coredump.
    Avoids e.g. suidperl mistakes)
 "open this file, safely"
   (even in world-write dirs; avoid e.g. old local mailer race conditions
    and Solaris 2.5 kcms* mistakes)
 "tidy up the environment"
   (sort of ill-defined, but would reset key envars to sane things)
   (could be expanded to do things like check PATH for directories/files
    not meeting some "safety" criteria... etc)

Some other tools might be interesting (perhaps not possible :)...
A partial C-parser which looks for buffers on the stack and str{cpy,printf}s
into it -- or even more generally something which tries to decide if you
are ever checking boundary conditions... or taking the sizeof()...
...anything we can do to minimize fandango-on-stack bugs...

I have a feeling certain functions will be OS-dependent and thus will
require something like GNU Autoconf.  That's cool, I'm familiar with it.
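
As an added illustration of the "open this file, safely" primitive (not code from the original post, and not from any libsuid that may have followed it), here is a C sketch for a setuid program that must append to a file in a world-writable directory. It assumes a POSIX system with O_NOFOLLOW (Linux, the BSDs); the fixture_results() helper and its temporary-directory layout are a constructed demonstration, not part of the primitive.

```c
#define _GNU_SOURCE   /* for O_NOFOLLOW and mkdtemp(); must precede the includes */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open path for appending, creating it 0600 if absent. O_NOFOLLOW makes the
 * kernel reject a symlink at the last component atomically, so there is no
 * lstat()-then-open() window; every other property is read from the open
 * descriptor via fstat(), never from the name. Returns an fd, or -1 with errno
 * set (EPERM when the file fails the ownership/link-count policy). */
int safe_open(const char *path)
{
    int fd = open(path, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW | O_NOCTTY, 0600);
    if (fd < 0) return -1;
    struct stat st;
    if (fstat(fd, &st) != 0) { close(fd); return -1; }
    /* Must be a plain file we own with exactly one name: a hard link planted
     * by another user to someone else's file shows up as st_nlink > 1. */
    if (!S_ISREG(st.st_mode) || st.st_uid != geteuid() || st.st_nlink != 1) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Constructed fixture: a private directory holding a plain file, a symlink to
 * it, and a second hard link to another file. Returns a bitmask of what
 * safe_open() accepted: bit 0 plain, bit 1 symlink, bit 2 hard link. */
int fixture_results(void)
{
    char dir[] = "/tmp/libsuid-XXXXXX", p[4][80];
    const char *name[4] = { "plain", "symlink", "shared", "second" };
    if (mkdtemp(dir) == NULL) return -1;
    for (int i = 0; i < 4; i++)
        snprintf(p[i], sizeof p[i], "%s/%s", dir, name[i]);
    close(open(p[0], O_WRONLY | O_CREAT, 0600));
    close(open(p[2], O_WRONLY | O_CREAT, 0600));
    symlink(p[0], p[1]);          /* symlink -> plain */
    link(p[2], p[3]);             /* second is a hard link to shared (nlink 2) */
    int r = 0, fd;
    if ((fd = safe_open(p[0])) >= 0) { r |= 1; close(fd); }
    if ((fd = safe_open(p[1])) >= 0) { r |= 2; close(fd); }
    if ((fd = safe_open(p[3])) >= 0) { r |= 4; close(fd); }
    for (int i = 0; i < 4; i++) unlink(p[i]);
    rmdir(dir);
    return r;   /* expected 1: only the plain file is accepted */
}
```

Only the plain file opens; the symlink is refused by the kernel (ELOOP) and the hard-linked name by the link-count check (EPERM).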
