oss-sec mailing list archives
Re: Vixie/ISC Cron group crontab to root escalation
From: Casper.Dik () oracle com
Date: Mon, 12 Jun 2017 20:15:06 +0200
On Jun 9, 6:27pm, solar () openwall com (Solar Designer) wrote:
-- Subject: Re: [oss-security] Vixie/ISC Cron group crontab to root escalatio

| Oh, I did in fact mention this in the private discussion, so I'll quote:
|
| | Another detail: somehow in Owl we introduced lstat() prior to open, and
| | check lstat()'s struct for all the required properties before proceeding
| | with open() with O_NOFOLLOW. Then we check that st_dev/st_ino stayed
| | the same. We also kept the post-open() checks. I don't recall exactly
| | why we added this, but maybe because of the possibility of side-effects
| | on open() for hard links to device files (like with tape drives). And
| | it looks like we neglected to add the same for at jobs (perhaps didn't
| | revisit this when support for at jobs appeared via our update to later
| | OpenBSD code) - maybe we should.

Thanks, perhaps a comment in the code can't hurt... Or even O_NODEV which
does not exist, or O_PATH (linux only)..

As there is an O_DIRECTORY it would be more orthogonal to have O_REGULAR (open only a regular file). But that becomes more and more icky as we're running out of 32 bits of O_*)

Casper
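
The sequence described in the quoted text above (lstat() first, open() with O_NOFOLLOW, compare st_dev/st_ino, keep the post-open() checks), as an added example that is not part of this message and is not Owl's or any cron's code. The names `open_checked` and `acceptable`, the specific properties required (regular file, one link, expected owner, not group/other-writable) and the use of O_NONBLOCK are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Required properties of the file. This policy is an assumption of the
 * example, not taken from the thread. */
static int acceptable(const struct stat *st, uid_t owner)
{
    return S_ISREG(st->st_mode)   /* not a device, FIFO, directory, symlink */
        && st->st_nlink == 1      /* no additional hard links */
        && st->st_uid == owner
        && (st->st_mode & (S_IWGRP | S_IWOTH)) == 0;
}

/* Returns a read-only descriptor, or -1 if any check fails. */
int open_checked(const char *path, uid_t owner)
{
    struct stat before, after;
    int fd;

    /* Pre-open check: a name that already points at something unsuitable
     * (e.g. a device node) is rejected without ever calling open() on it. */
    if (lstat(path, &before) != 0 || !acceptable(&before, owner))
        return -1;

    /* O_NOFOLLOW refuses a symlink in the final path component.
     * O_NONBLOCK (added here) avoids blocking if a FIFO was swapped in. */
    fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0)
        return -1;

    /* Post-open checks on the descriptor itself: it must be the same
     * object lstat() saw, and must still have the required properties. */
    if (fstat(fd, &after) != 0
        || after.st_dev != before.st_dev
        || after.st_ino != before.st_ino
        || !acceptable(&after, owner)) {
        close(fd);
        return -1;
    }
    return fd;
}
```

The lstat() step only narrows the window: a file replaced between lstat() and open() is still opened, and is then caught by the st_dev/st_ino comparison and the fstat() checks.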