oss-sec mailing list archives
Re: Untrusted fs and invalid filenames
From: Eitan Adler <lists () eitanadler com>
Date: Sun, 13 Mar 2011 15:18:27 -0500
On Sat, Mar 12, 2011 at 12:03 PM, Vasiliy Kulikov <segoon () openwall com> wrote:
This is a resumption of the subject "Physical access vulnerabilities and auto-mounting" brought by Dan Rosenberg. The previous discussion was about possible attacks the kernel, now I'd like to talk about attacks userland programs.
http://www.dwheeler.com/essays/fixing-unix-linux-filenames.html and http://www.dwheeler.com/essays/filenames-in-shell.html are relevant here. -- Eitan Adler
Current thread:
- Untrusted fs and invalid filenames Vasiliy Kulikov (Mar 12)
- Re: Untrusted fs and invalid filenames Steve Grubb (Mar 13)
- Re: Untrusted fs and invalid filenames Eitan Adler (Mar 13)
- Re: Untrusted fs and invalid filenames Stephan Mueller (Mar 14)
- Re: Untrusted fs and invalid filenames Dan Rosenberg (Mar 14)
- Re: Untrusted fs and invalid filenames Stephan Mueller (Mar 14)
- Re: Untrusted fs and invalid filenames Steve Grubb (Mar 14)
- Re: Untrusted fs and invalid filenames Vasiliy Kulikov (Mar 14)
- Re: Untrusted fs and invalid filenames Ludwig Nussel (Mar 14)
- Re: Untrusted fs and invalid filenames Steve Grubb (Mar 14)
- Re: Untrusted fs and invalid filenames Dan Rosenberg (Mar 14)