Bugtraq mailing list archives
Re: Race conditions
From: jmb () kryten Atinc COM (Jonathan M. Bresler)
Date: Thu, 8 Dec 1994 08:54:36 -0500 (EST)
On Wed, 7 Dec 1994, der Mouse wrote:
> To open a file, which should already exist:
> - lstat() the path, check that lstat succeeded
> - check that it's acceptable (eg, not a symlink :-)
> - open() (without O_CREAT), check that the open succeeded
> - fstat() the fd returned by open
> - if the lstat and fstat st_ino and st_dev fields match, accept.

if you want to allow symlinks but not allow the race, try:
- open() the file without privilege, save the inode #
- open() the file with privilege, compare the inode #'s

if the symlink has been switched on you (the cracker won the race),
the inode #'s will differ. if he did the switch before the first
open(), that open() will fail.

Jonathan M. Bresler  jmb () kryten atinc com | Analysis & Technology, Inc.
                                             | 2341 Jeff Davis Hwy
play go.                                     | Arlington, VA 22202
ride bike. hack FreeBSD.--ah the good life   | 703-418-2800 x346
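
The double-open check from the reply above, written out in C as an added example (not code from the post or from anyone in the thread). It assumes a setuid program whose real uid is the invoking user; the name `open_as_user_then_priv` is hypothetical, and comparing `st_dev` together with `st_ino` and holding the first descriptor open during the comparison are choices made here.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Two stat results name the same file only if device AND inode match
   (inode numbers are unique per filesystem, not system-wide). */
static int same_file(const struct stat *a, const struct stat *b)
{
    return a->st_dev == b->st_dev && a->st_ino == b->st_ino;
}

/* Hypothetical helper, assumed to run in a setuid program.
   Returns an fd opened with privilege, or -1 if either open fails
   or the two opens resolved to different files. Symlinks are allowed. */
int open_as_user_then_priv(const char *path, int flags)
{
    struct stat su, sp;
    uid_t priv = geteuid();
    int ufd, pfd = -1;

    flags &= ~O_CREAT;              /* the file must already exist */

    /* First open: with the invoking user's rights only. */
    if (seteuid(getuid()) != 0)
        return -1;
    ufd = open(path, flags);
    if (seteuid(priv) != 0) {       /* could not regain privilege */
        if (ufd >= 0)
            close(ufd);
        return -1;
    }
    if (ufd < 0)
        return -1;                  /* the user cannot open it at all */

    /* Second open: with privilege. ufd stays open meanwhile, so its
       inode cannot be freed and its number reused before we compare. */
    if (fstat(ufd, &su) == 0 && (pfd = open(path, flags)) >= 0) {
        if (fstat(pfd, &sp) != 0 || !same_file(&su, &sp)) {
            close(pfd);             /* path was switched between opens */
            pfd = -1;
        }
    }
    close(ufd);
    return pfd;
}
```
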