Vulnerability Development mailing list archives
Re: OSS www.opensound.com
From: Martin Macok <martin.macok () UNDERGROUND CZ>
Date: Wed, 24 Jan 2001 19:20:12 +0100
On Fri, Jan 24, 2020 at 12:52:36AM +1100, fejed wrote:
Earlier on today, I was messing with strace and OSS, see www.opensound.com, [eks@localhost oss]$ cat version.txt This version (3.9.4b-010118) is compiled for Linux-2.2.18-UP I noticed this: [400f8c34] read(255, "\n$MODTOOLS/insmod -V > /tmp/oss."..., 8176) = 8176 /tmp/oss eh? so if the module was not loaded at the current point in time, theoretically, could a module not be placed in /tmp as 'oss' and then it would be insmod'd and used?
I think "insmod -V > something" just writes stdout (insmod -V) to file "something" and doesn't load anything under any circumstances. (That doesn't mean that it's OK. Someone must validate if it writes to a file in /tmp the proper way(tm) ... i.e. if there are sanity checks, if it doesn't follow symlinks, work with right privilegies... etc.) Have a nice day -- Martin Mačok underground.cz openbsd.cz
Current thread:
- OSS www.opensound.com fejed (Jan 23)
- Re: OSS www.opensound.com Martin Macok (Jan 24)
- <Possible follow-ups>
- Re: OSS www.opensound.com Leonardo Constantino C. da R. e Oliveira (Jan 25)