version 1.11, 1998/08/18 02:49:25 |
version 1.12, 1998/08/18 02:53:36 |
|
|
a valid shell script, a syntax error message would follow, along with the |
a valid shell script, a syntax error message would follow, along with the |
first line of the offending file, without any further permission check. |
first line of the offending file, without any further permission check. |
Pretty handy to grab the first line of a shadow passwd file, considering |
Pretty handy to grab the first line of a shadow passwd file, considering |
these often start with root entry. Once again, don't trust filenames: |
these often start with root entry. Do not open your file, and then do |
open your file, and do an <code>fstat</code> on the open descriptor to |
an <code>fstat</code> on the open descriptor to check if you should have |
check the actual rights. |
been able to open it (or the attacked will play with /dev/rst0 and rewind |
|
your tape) -- open it with the correct uid/gid/grouplist set. |
|
|
<li>Don't use anything that forks a shell in setuid programs before dropping |
<li>Don't use anything that forks a shell in setuid programs before dropping |
your privileges. This includes <code>popen</code> and <code>system</code>. |
your privileges. This includes <code>popen</code> and <code>system</code>. |