oss-sec mailing list archives

Re: Vixie/ISC Cron group crontab to root escalation


From: Jakub Wilk <jwilk () jwilk net>
Date: Tue, 13 Jun 2017 13:26:38 +0200

* Fiedler Roman <Roman.Fiedler () ait ac at>, 2017-06-13, 07:45:
Thanks, perhaps a comment in the code can't hurt...
Or even O_NODEV which does not exist, or O_PATH (Linux only)..

As there is an O_DIRECTORY it would be more orthogonal to have O_REGULAR (open only a regular file). But that becomes more and more icky as we're running out of 32 bits of O_*)

Why not stop that at all and have an O_POLICY,

With help of O_PATH, you can implement almost any sanity check in userspace.
No need to reinvent this particular wheel.

--
Jakub Wilk
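
Added example, not part of the original message or of any cron source: a userspace stand-in for the "O_REGULAR" discussed above, built on O_PATH as the reply suggests. The helper name open_regular is hypothetical; it assumes Linux 3.6 or later (fstat() on an O_PATH descriptor) and a mounted /proc.

```c
#define _GNU_SOURCE             /* before any #include, to expose O_PATH */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

#ifndef O_PATH                  /* headers were pulled in before _GNU_SOURCE */
#define O_PATH 010000000        /* asm-generic value (x86, arm64, ...) */
#endif

/* Hypothetical helper: open `path` with `flags` only if it is a regular
 * file. Returns the fd, or -1 with errno set (EINVAL for a wrong type). */
int open_regular(const char *path, int flags)
{
    char proc[32];
    struct stat st;
    int fd = -1, err = 0;

    /* O_PATH only pins the inode: no device open(), no blocking on a FIFO.
     * With O_NOFOLLOW a trailing symlink yields the link itself. */
    int pfd = open(path, O_PATH | O_NOFOLLOW | O_CLOEXEC);
    if (pfd < 0)
        return -1;
    if (fstat(pfd, &st) < 0) {
        err = errno;
    } else if (!S_ISREG(st.st_mode)) {
        err = EINVAL;           /* symlink, FIFO, device, directory, ... */
    } else {
        /* Reopen the inode that was just checked, not the name, so a
         * swap of `path` after the check cannot change what is opened. */
        snprintf(proc, sizeof proc, "/proc/self/fd/%d", pfd);
        fd = open(proc, (flags & ~O_NOFOLLOW) | O_CLOEXEC);
        if (fd < 0)
            err = errno;
    }
    close(pfd);
    if (fd < 0)
        errno = err;
    return fd;
}

int main(int argc, char **argv)
{
    int fd = open_regular(argc > 1 ? argv[1] : "/etc/passwd", O_RDONLY);
    puts(fd < 0 ? "rejected" : "opened regular file");
    return fd < 0;
}
```

Further checks (owner, mode bits, st_nlink) fit in the same place as the S_ISREG test, because they all read the fstat() result for the pinned descriptor.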

