[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: uudecode bug (?)
From: |
Paul Eggert |
Subject: |
Re: uudecode bug (?) |
Date: |
Mon, 10 Jun 2002 11:02:37 -0700 (PDT) |
> From: Santiago Vila <address@hidden>
> Date: Mon, 10 Jun 2002 13:41:17 +0200 (CEST)
>
> Moreover, uudecode(1) says:
>
> STANDARDS
> This implementation is compliant with P1003.2b/D11.
>
> Does someone knows whether the proposed change is compatible with
> this standard?
The proposed change does not conform to POSIX 1003.1-2001, which
supersedes P1003.2b/D11.
To conform to POSIX, you'd have to enable the proposed behavior only
if a new option were set, or if POSIXLY_CORRECT were not set, or
something like that.
Also, the proposed change in
<ftp://updates.redhat.com/7.0/en/os/SRPMS/sharutils-4.2.1-8.7.x.src.rpm>
does not fix the security problem entirely; a determined attacker can
still get through, even if that patch is installed.
> From: Andrew D Jewell <address@hidden>
> Date: Mon, 10 Jun 2002 10:44:37 -0400
>
> Perhaps there is a common option that many gnu utils should add,
> which is a little bit like the '-f' option in cp :
>
> -P, --paranoid : always open output files with
> "unlink(foo); open(foo, O_EXCL | O_CREATE)"
That is not sufficiently paranoid, since it is vulnerable to
denial-of-service attacks. Also, unlink(foo) can unlink directories
on some hosts.
It wouldn't hurt to add some documentation about the problem, though.