[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: uudecode bug (?)
From: |
martin f krafft |
Subject: |
Re: uudecode bug (?) |
Date: |
Mon, 10 Jun 2002 13:55:47 +0200 |
User-agent: |
Mutt/1.3.28i |
also sprach Santiago Vila <address@hidden> [2002.06.10.1341 +0200]:
> http://www.aerasec.de/security/index.html?lang=en&id=ae-200205-037
>
> Well, this is Unix, and the user is supposed to know what he/she is doing.
> Not checking for a symlink or a pipe does not make uudecode more
> dangerous than it is *already*. A uuencoded .profile is already
> dangerous enough, for example.
i fully agree with you. nevertheless, we're also dealing with a race
condition here. there are millions of cycles between me `ls` checking
for a file that already exists, and uudecode actually fopen()ing the
file for 'w' mode. if a file exists and it's overwritten, then no
biggie, but a symlink or pipe do not really represent anything to be
overwritten and are thus dangerous, i find.
at least, uudecode should notify the person and ask for confirmation.
again: this only applies to symlinks and pipes. if uudecode truncates
a file as it's unpacking, that's totally fine.
my 2 pfennige (damn euro!)
--
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:" address@hidden
laugh alone and the world thinks you're an idiot.
pgplV3bjBP3L9.pgp
Description: PGP signature