Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ncurses 4.1 security bug

From: davids () WEBMASTER COM (David Schwartz)
Date: Thu, 9 Jul 1998 15:57:18 -0400


And of course your comment is inconsistent with LD_PRELOAD handling on
every OS so far - ld.so is a shared object too.

Alan


        The ld.so library is specifically intended to be callable by suid/sgid
processes and callers can reasonably expect that the library would be safe.
On the other hand, 'user' libraries should not be assumed to be safe under
any circumstances.

        Programs not designed to be suid/sgid should not operate if they find
themselves suid/sgid (and should make this check as early as practical).
Programs designed to be suid/sgid should not call libraries not known to be
safe without dropping privileges.

        And, of course, use of contructors not known to be safe in suid/sgid
programs should be strongly discouraged. Pointers should be used instead and
the objects created only after the environment is known to be safe.

        In my opinion, authors of programs that are designed to be suid/sgid should
do anything that they don't reasonably know to be safe without first
ensuring a sane (and unprivileged) environment. The fault is in the
programs, not the libraries.

        David Schwartz
Previous By Date Next
Previous By Thread Next

Current thread: