Vulnerability Development mailing list archives

Re: BSD chfn bug

From: imp () VILLAGE ORG (Warner Losh)
Date: Tue, 28 Dec 1999 10:05:40 -0700


In message <19991228165015.94446.qmail () hotmail com> "FARAZ JAMSHED" writes:
: >>In message <Pine.LNX.4.20.9912251656310.23074->>100000 () pet notbsd org>
: >>"Stanislav N. Vardomskiy" writes:
: >>: This just *might* be a problem.
: >
: >Not the way you think.  You have no control over the name of the file
: >created.
: >
: >Warner
:
: yes we could have control by setting the right UMASK settings...

How?  It creates the file in /etc.  You must have write permissions to
the directory in order to rename files, which you won't have unless
you are already root.  Setting the permissions on the *file* won't
change this at all.  You still can't rename it (and I did try just
now).  And since chfn, et al use mkstemp, you can't race it either.

Warner

Current thread:

Re: BSD chfn bug FARAZ JAMSHED (Dec 28)
- Re: BSD chfn bug Warner Losh (Dec 28)
- Re: BSD chfn bug (aka ssh quirks/killing thread) Blue Boar (Dec 28)
- leaky kernel ? ;) mIV (Dec 29)
  - Re: leaky kernel ? ;) H D Moore (Dec 29)
  - Re: leaky kernel ? ;) Wakko Ellington Warner-Warner III (Dec 30)
  - Re: leaky kernel ? ;) Andrei D. Caraman (Dec 30)