oss-sec mailing list archives
tftpd-hpa - insecure chroot()
From: gremlin () gremlin ru
Date: Thu, 2 Nov 2017 15:16:55 +0300
Just look at this code and guess how it would be compiled on most
systems:
========================================
/* Chroot and drop privileges */
if (secure) {
if (chroot(".")) {
syslog(LOG_ERR, "chroot: %m");
exit(EX_OSERR);
}
#ifdef __CYGWIN__
chdir("/"); /* Cygwin chroot() bug workaround */
#endif
}
========================================
:-)
--
Alexey V. Vissarionov aka Gremlin from Kremlin
GPG: 8832FE9FA791F7968AC96E4E909DAC45EF3B1FA8
Attachment:
_bin
Description:
Current thread:
- tftpd-hpa - insecure chroot() gremlin (Nov 02)
- Re: tftpd-hpa - insecure chroot() Dmitry V. Levin (Nov 03)
- Re: tftpd-hpa - insecure chroot() gremlin (Nov 06)
- Re: tftpd-hpa - insecure chroot() Dmitry V. Levin (Nov 03)