oss-sec mailing list archives
Re: tftpd-hpa - insecure chroot()
From: "Dmitry V. Levin" <ldv () altlinux org>
Date: Fri, 3 Nov 2017 02:56:47 +0300
On Thu, Nov 02, 2017 at 03:16:55PM +0300, gremlin () gremlin ru wrote:
Just look at this code and guess how it would be compiled on most systems: ======================================== /* Chroot and drop privileges */ if (secure) { if (chroot(".")) { syslog(LOG_ERR, "chroot: %m"); exit(EX_OSERR); } #ifdef __CYGWIN__ chdir("/"); /* Cygwin chroot() bug workaround */ #endif } ======================================== :-)
Sorry, why do you think that chdir(dir) == 0 && chroot(".") == 0 is any worse than chroot(dir) == 0 && chdir("/") == 0 assuming that you have control over your signal handlers and can ensure they won't issue any chdir or chroot calls between these two calls? -- ldv
Attachment:
signature.asc
Description:
Current thread:
- tftpd-hpa - insecure chroot() gremlin (Nov 02)
- Re: tftpd-hpa - insecure chroot() Dmitry V. Levin (Nov 03)
- Re: tftpd-hpa - insecure chroot() gremlin (Nov 06)
- Re: tftpd-hpa - insecure chroot() Dmitry V. Levin (Nov 03)