[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug #17427] CVE-2005-1039, chmod race in mkdir, mkfifo, mknod
From: |
Paul Eggert |
Subject: |
[bug #17427] CVE-2005-1039, chmod race in mkdir, mkfifo, mknod |
Date: |
Thu, 24 Aug 2006 22:23:24 -0700 |
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6 |
Update of bug #17427 (project coreutils):
Status: None => Wont Fix
Open/Closed: Open => Closed
_______________________________________________________
Follow-up Comment #1:
[I also replied to the Debian bug list, but here's another copy.]
This patch doesn't look safe to me. mkfifo and mknod should not open
device files or fifos, since this has undesirable side effects in some
cases. For example, opening and then closing a tape drive might
rewind it.
As I wrote in April 2005, the original security issue is not a
vulnerability in coreutils; it's a problem inherent to the Unix model.
We cannot "fix" it by patching coreutils (and hundreds of other
utilities). We must simply say: users cannot rely on directories that
are writeable by untrusted users, unless the directories are sticky
and are owned by trusted users. Sorry, but that's life in the
Unix/Linux world.
That being said, mkdir can be made a bit "safer". It cannot be made
completely "safe", though, in the sense that you're asking for, since
in some cases mkdir won't be able to read the newly-created directory
(and therefore can't open it) but POSIX still requires mkdir to chmod
it in this case. Hence the patch you submitted here isn't quite
right, since it sometimes gives up when it shouldn't. We have fixed
mkdir a different way in coreutils test version 6.1
<ftp://alpha.gnu.org/gnu/coreutils/coreutils-6.1.tar.gz>, so that it
uses fchmod if possible, and falls back on chmod otherwise.
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?17427>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/