Bugtraq mailing list archives
Re: How was the majordomo bug found ?
From: Eric.Vyncke () csl sni be (Eric Vyncke)
Date: Fri, 10 Jun 1994 08:44:42 +0200
(Graham Toal writes:)The correct way to write such programs needs a bit more publicity I suspect. I'd knock up a 'how to' except that I'm really up to my ankles in alligators at the moment and will be for the next month...Without getting into the details of how long things were known since that gets into flame bait, I'd kind'a like to hear exactly how the hole(s) were found to learn better how to set up the appropriate traps to find such things as soon as they get used...
I think that a vast majority of 'holes' in Unix programs are based on the _DANGEROUS_ use of the system() function instead of the _MUCH_MORE_SECURE_ fork()/exec() combination.
From the developper's point of view, using system() or even popen() is a
single obvious line of C code, fork()/exec() combination needs about a dozen of lines...
From the patches from Brent Chapman, it seems that majordomo was using
system() or popen()... There should indeed be a FAQ about how to write 'secure programs'. Cheers, Eric --- Eric Vyncke, Project Leader Siemens Nixdorf - Centre Software de Liege - Belgium EUnet: vyncke () csl sni be Phone: +32-41-201654 Fax: +32-41-201642
Current thread:
- How was the majordomo bug found ? Vincent D. Skahan (Jun 09)
- Re: How was the majordomo bug found ? Brent Chapman (Jun 09)
- Re: How was the majordomo bug found ? Vincent D. Skahan (Jun 09)
- Re: How was the majordomo bug found ? John Evans (Jun 09)
- Majordomo CERT advisory (modified by rouilj) John P. Rouillard (Jun 09)
- Re: How was the majordomo bug found ? Vincent D. Skahan (Jun 09)
- Re: How was the majordomo bug found ? Eric Vyncke (Jun 09)
- Re: How was the majordomo bug found ? Karl Strickland (Jun 10)
- Re: How was the majordomo bug found ? Evil Pete (Jun 10)
- Sequent/DYNIX Security Hole Christian A. Ratliff (Jun 10)
- Re: How was the majordomo bug found ? Brent Chapman (Jun 09)