Bugtraq mailing list archives
Re: /dev/tcp, and a LD_LIBRARY_PATH question.
From: anthony.baxter () aaii oz au (anthony baxter)
Date: Sun, 04 Dec 1994 01:10:46 +1100
Second question: How can I write a program that keeps the LD_LIBRARY_PATH variable from being exploited? i.e. the SUN 'login' bug where LD_LIBRARY_PATH got exploited. I would ASSUME I could prevent this by doing something like: putenv("LD_LIBRARY_PATH"), but that just seems too simple to be a true fix.
A better solution is to smash the _entire_ environment flat, except for specific ones, such as TZ, that can be reasonably assumed to be safe (I hope - anyone broken into a system with the TZ variable? :-) You can never be sure what new undocumented environment variables exist that could be a security hole. ObBugDetectingHint: (I thought this to be obvious, but I've mentioned it to a few people who hadnt realised it, so may as well send it on) You can get an idea for whether a program is doing something stupid like a system() or popen() with 'strings'. For example, something like /bin/mail %s is usually a bit of a giveaway that someone is doing something stupid, and you might be able to break it. (bonus points if you can spot the program that the above is from :-) Anthony
Current thread:
- Full Disclosure works, here's proof: Christopher Klaus (Nov 30)
- Re: Full Disclosure works, here's proof: Casper Dik (Dec 02)
- Re: Full Disclosure works, here's proof: Christopher Klaus (Dec 02)
- RE: Question... CUNNINGHAM () B PSC EDU (Dec 02)
- empty messages? Breakdown (Dec 02)
- Re: empty messages? Walker Aumann (Dec 02)
- /dev/tcp, and a LD_LIBRARY_PATH question. That Whispering Wolf... (Dec 02)
- Re: /dev/tcp, and a LD_LIBRARY_PATH question. anthony baxter (Dec 03)
- Re: /dev/tcp, and a LD_LIBRARY_PATH question. Robert M. Haas (Dec 03)
- full disclosure list clarification Pete Hartman (Dec 02)
- Re: Full Disclosure works, here's proof: Casper Dik (Dec 02)
- pt_chmod carson () lehman com (Dec 02)
- Re: pt_chmod Karl Strickland (Dec 02)
- mktemp.. *Hobbit* (Dec 02)
- bugtraq list problems (resolved?) Admin/Support (Dec 02)
- full-disclosure list Pete Hartman (Dec 02)
- <Possible follow-ups>
- Re: Full Disclosure works, here's proof: Christopher Klaus (Dec 03)
- Re: Full Disclosure works, here's proof: Bela Lubkin (Dec 03)
- Re: Full Disclosure works, here's proof: Karl Strickland (Dec 04)