Bugtraq mailing list archives

Re: How was the majordomo bug found ?


From: Eric.Vyncke () csl sni be (Eric Vyncke)
Date: Fri, 10 Jun 1994 08:44:42 +0200


(Graham Toal writes:)
The correct way to write such programs needs a bit more publicity
I suspect.  I'd knock up a 'how to' except that I'm really up to
my ankles in alligators at the moment and will be for the next month...

Without getting into the details of how long things were known since that
gets into flame bait, I'd kind'a like to hear exactly how the hole(s) were
found to learn better how to set up the appropriate traps to find such things
as soon as they get used...


I think that a vast majority of 'holes' in Unix programs are based on the 
_DANGEROUS_ use of the system() function instead of the _MUCH_MORE_SECURE_ 
fork()/exec() combination.

From the developer's point of view, using system() or even popen() is a 
single obvious line of C code, fork()/exec() combination needs about a dozen 
lines...

From the patches from Brent Chapman, it seems that majordomo was using 
system() or popen()...

There should indeed be a FAQ about how to write 'secure programs'.

Cheers,

Eric
---
Eric Vyncke,  Project Leader
Siemens Nixdorf - Centre Software de Liege - Belgium
EUnet: vyncke () csl sni be Phone: +32-41-201654 Fax: +32-41-201642
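
The fork()/exec() combination the message recommends, as an added example that is not part of the original post and is not majordomo's code: system() and popen() hand their string to /bin/sh, so shell metacharacters in untrusted data are interpreted, while execv() passes each argv[] entry to the program unchanged. The helper name run_noshell, the use of /bin/echo and the sample address are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: run argv[0] with argv[] directly (no /bin/sh) and
 * capture its stdout in out. Returns the exit status, or -1 on error. */
int run_noshell(char *const argv[], char *out, size_t outsz)
{
    int fds[2];
    if (outsz == 0 || pipe(fds) < 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0) {
        close(fds[0]);
        close(fds[1]);
        return -1;
    }
    if (pid == 0) {                     /* child */
        close(fds[0]);
        if (dup2(fds[1], STDOUT_FILENO) < 0)
            _exit(127);
        close(fds[1]);
        execv(argv[0], argv);           /* absolute path, no PATH search */
        _exit(127);                     /* reached only if execv failed */
    }
    close(fds[1]);                      /* parent keeps the read end only */
    size_t n = 0;
    ssize_t r;
    while (n < outsz - 1 && (r = read(fds[0], out + n, outsz - 1 - n)) > 0)
        n += (size_t)r;
    out[n] = '\0';
    close(fds[0]);
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed input: an "address" carrying a shell metacharacter. */
    char addr[] = "user@example.org; echo injected";
    char *argv[] = { "/bin/echo", addr, NULL };
    char out[256];
    int rc = run_noshell(argv, out, sizeof out);
    printf("rc=%d out=%s", rc, out);    /* the ';' arrives as literal text */
    return (rc == 0 && strcmp(out, "user@example.org; echo injected\n") == 0) ? 0 : 1;
}
```

The same string placed inside a system() command line would have been split at the ';' by the shell and run as two commands.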


