oss-sec mailing list archives
Re: CVE request: mono loading shared libs from cwd
From: Thomas Biege <thomas () suse de>
Date: Wed, 10 Nov 2010 15:25:01 +0100
missed to add: http://lists.ximian.com/pipermail/mono-patches/2010-October/177900.html Am Mittwoch 10 November 2010 15:18:26 schrieb Thomas Biege:
Hello folks, from our bugzilla. " http://www.mono-project.com/DllNotFoundException explains that the mono runtime searches the current working directory for DLLs. This opens a serious security hole. Malicious code can be given the same name as a DLL and left in a directory the user might visit. Also, it means that no mono application can safely set the current working directory. Microsoft themselves addressed this issue in Windows http://msdn.microsoft.com/en-us/library/ms682586(v=VS.85).aspx It's a well known "dummies" question for Unix why you must not have "." on your path http://www.unix.com/unix-dummies-questions-answers/22806-why-bad-idea-inser t- dot-path.html Mono is exposing users to these same old hat problems. (As a related problem, many mono programs seem to *assume* that they will be run with the CWD set to their installed directory, and break if it isn't.) " Filed by Richard Brooksby.
-- Thomas Biege <thomas () suse de>, SUSE LINUX, Security Support & Auditing SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) -- Wer aufhoert besser werden zu wollen, hoert auf gut zu sein. -- Marie von Ebner-Eschenbach
Current thread:
- CVE request: mono loading shared libs from cwd Thomas Biege (Nov 10)
- Re: CVE request: mono loading shared libs from cwd Thomas Biege (Nov 10)
- Re: CVE request: mono loading shared libs from cwd Josh Bressers (Nov 10)
- Re: CVE request: mono loading shared libs from cwd Thomas Biege (Nov 10)