[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: uudecode bug (?)

From: martin f krafft
Subject: Re: uudecode bug (?)
Date: Mon, 10 Jun 2002 13:55:47 +0200
User-agent: Mutt/1.3.28i

also sprach Santiago Vila <address@hidden> [2002.06.10.1341 +0200]:
> http://www.aerasec.de/security/index.html?lang=en&id=ae-200205-037
> Well, this is Unix, and the user is supposed to know what he/she is doing.
> Not checking for a symlink or a pipe does not make uudecode more
> dangerous than it is *already*. A uuencoded .profile is already
> dangerous enough, for example.

i fully agree with you. nevertheless, we're also dealing with a race
condition here. there are millions of cycles between me `ls` checking
for a file that already exists, and uudecode actually fopen()ing the
file for 'w' mode. if a file exists and it's overwritten, then no
biggie, but a symlink or pipe do not really represent anything to be
overwritten and are thus dangerous, i find.

at least, uudecode should notify the person and ask for confirmation.
again: this only applies to symlinks and pipes. if uudecode truncates
a file as it's unpacking, that's totally fine.

my 2 pfennige (damn euro!)

martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; address@hidden
laugh alone and the world thinks you're an idiot.

Attachment: pgplV3bjBP3L9.pgp
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]