| version 1.11, 1998/08/18 02:49:25 |
version 1.12, 1998/08/18 02:53:36 |
|
|
| a valid shell script, a syntax error message would follow, along with the |
a valid shell script, a syntax error message would follow, along with the |
| first line of the offending file, without any further permission check. |
first line of the offending file, without any further permission check. |
| Pretty handy to grab the first line of a shadow passwd file, considering |
Pretty handy to grab the first line of a shadow passwd file, considering |
| these often start with root entry. Once again, don't trust filenames: |
these often start with root entry. Do not open your file, and then do |
| open your file, and do an <code>fstat</code> on the open descriptor to |
an <code>fstat</code> on the open descriptor to check if you should have |
| check the actual rights. |
been able to open it (or the attacked will play with /dev/rst0 and rewind |
| |
your tape) -- open it with the correct uid/gid/grouplist set. |
| |
|
| <li>Don't use anything that forks a shell in setuid programs before dropping |
<li>Don't use anything that forks a shell in setuid programs before dropping |
| your privileges. This includes <code>popen</code> and <code>system</code>. |
your privileges. This includes <code>popen</code> and <code>system</code>. |
![[BACK]](/icons/back.gif){kind=icon}
Return to porting.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www