oss-sec mailing list archives

Re: Running Java across a privilege boundary


From: Martin Carpenter <mcarpenter () free fr>
Date: Thu, 18 Dec 2014 21:59:21 +0100

On Thu, 2014-12-18 at 21:43 +0300, Alexander Cherepanov wrote:
> Relative paths is not the only problem. /tmp is even worse:
>
> https://bugs.debian.org/759868

Nice, thanks. Revised:

8.7 RUNPATH and RPATH
Libraries that define RPATH or RUNPATH should ensure that this does not
contain relative paths or paths that traverse insecure directories
(e.g. /tmp or /var/tmp). This is to prevent an executable from loading a
library from an untrusted location. (This should include the corner
cases whereby the path list starts or ends with a colon, or includes two
consecutive colons).


("insecure directories" is intentionally broad (not just "world
writable"). Clarify?).

I'll file a bug against debian-policy in ~24h unless there are further
edits/additions/objections.
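
As an added example (not part of the original message or of Debian policy), the following Python check applies the draft 8.7 wording above to an RPATH/RUNPATH string such as the one `readelf -d` prints. The function name, the reason strings and the treatment of `$ORIGIN` entries are assumptions of this example; the sample value is constructed.

```python
import posixpath

# Directories named in the draft text. The draft leaves "insecure"
# intentionally broad, so callers can pass a longer list.
INSECURE_DIRS = ("/tmp", "/var/tmp")


def audit_runpath(value, insecure_dirs=INSECURE_DIRS):
    """Return (entry, reason) pairs for each entry the draft would reject."""
    findings = []
    for entry in value.split(":"):
        if entry == "":
            # A leading, trailing or doubled colon yields an empty entry,
            # the corner case the draft calls out explicitly.
            findings.append((entry, "empty entry"))
        elif entry.startswith(("$ORIGIN", "${ORIGIN}")):
            # Assumption of this example: $ORIGIN depends on where the
            # object is installed, so report it for manual review.
            findings.append((entry, "needs review: $ORIGIN"))
        elif not entry.startswith("/"):
            findings.append((entry, "relative path"))
        else:
            # Lexical normalisation only: collapses "..", "." and repeated
            # slashes, but does not resolve symlinks.
            norm = "/" + posixpath.normpath(entry).lstrip("/")
            for d in insecure_dirs:
                if norm == d or norm.startswith(d + "/"):
                    findings.append((entry, "traverses " + d))
                    break
    return findings


if __name__ == "__main__":
    # Constructed sample value, not taken from a real binary.
    sample = "/usr/lib/foo::lib:/tmp/build/lib:/opt/app/../../var/tmp/x:"
    for entry, reason in audit_runpath(sample):
        print(repr(entry), "->", reason)
```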


