Bugtraq mailing list archives

Re: Multiple OS kernel insecure handling of stdio file descriptor

From: eugeny gladkih <john () drweb com>
Date: Sat, 20 Jan 2007 20:43:33 +0300

"SP" == Shiva Persaud <shivapd () austin ibm com> writes:

XFOCUS team (http://www.xfocus.org/)  had discovered Multiple OS kernel
insecure handling of stdio file descriptor.

===================
Affected OS Version

AIX 5.3


 SP> The AIX Security Team can be reached at security-alert () austin ibm com.

 SP> We have investigated this issue and AIX is not affected. A privileged
 SP> process will not inherit closed file descriptors for stdio, stdout and
 SP> stderr.

well, but what is used for stdout if it's closed in the parent
process just before fork(2) call?!

-- 
Yours sincerely, Eugeny.
Doctor Web, Ltd. http://www.drweb.com

Current thread:

Multiple OS kernel insecure handling of stdio file descriptor XFOCUS Security Team (Jan 18)
- Re: Multiple OS kernel insecure handling of stdio file descriptor 3APA3A (Jan 18)
- Re: Multiple OS kernel insecure handling of stdio file descriptor Peter Jeremy (Jan 18)
  - Re: Multiple OS kernel insecure handling of stdio file descriptor Carson Gaspar (Jan 22)
- Re: Multiple OS kernel insecure handling of stdio file descriptor Shiva Persaud (Jan 20)
  - Re: Multiple OS kernel insecure handling of stdio file descriptor eugeny gladkih (Jan 23)
    - Re: [Full-disclosure] Multiple OS kernel insecure handling of stdio file descriptor Troy Bollinger (Jan 22)