[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-security-audit
Subject:    Re: [util-linux] anybody else looked at this?
From:       Pavel Kankovsky <peak () argo ! troja ! mff ! cuni ! cz>
Date:       2000-11-30 0:38:44
[Download RAW message or body]

On Wed, 29 Nov 2000 jjohnson@penguincomputing.com wrote:

> 	I was looking at the util-linux package and have found a problem
> in the script program.  The problem is that script fails to check for
> file existence before writing to the typescript file by default.  
> This also works when specifying a different file name.  The author of
> the program doesn't seem to care about the problem and I really don't
> have the C skill needed to fix the problem.  I would assume that other
> programs in this package have similar problems.

I am afraid there is no easy way to distinguish between the case when the
program should follow the symlink and/or overwrite the old file because 
it is expected to behave this way, and the case when it should avoid
doing it for the sake of security. You need a method to decide whether
a directory (the current working directory in this case) can be considered
a "safe playground" for the program. And you need to modify every second
program on this planet to follow this method (script is only a single
example of an affected program). You could probably solve the problem
using some clever data labelling but it would be very un-unixish. :P

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."

[prev in list] [next in list] [prev in thread] [next in thread]