bug-gnuzilla
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: run-icecat.sh possible vulnerability


From: Giuseppe Scrivano
Subject: Re: run-icecat.sh possible vulnerability
Date: Wed, 01 Jun 2011 09:19:05 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.0.50 (gnu/linux)

Thanks, the patch looks fine.  Can you please also provide the ChangeLog
file entry?

Cheers,
Giuseppe



Hayawardh V <address@hidden> writes:

> Hi, 
>
> I am attaching a patch for the same. 
> Please keep me updated on the course of action regarding this. 
>
> Thanks, 
> Hayawardh
>
> On Mon, May 30, 2011 at 7:22 PM, Hayawardh V <address@hidden>
> wrote:
>
>     Hi, 
>     
>     In run-icecat.sh in the latest icecat svn are lines such as : 
>     LD_LIBRARY_PATH=${MOZ_DIST_BIN}:${MOZ_DIST_BIN}/plugins:$
>     {MRE_HOME}${LD_LIBRARY_PATH+":$LD_LIBRARY_PATH"}
>     
>     Note that this insecure LD_LIBRARY_PATH would lead icecat to
>     search in the current working directory for libraries. If
>     malicious libraries are, for example, downloaded off the Internet,
>     then those would be loaded instead. 
>     
>     This can be simply fixed as follows (note the : following
>     LD_LIBRARY_PATH): 
>     
>     LD_LIBRARY_PATH=${MOZ_DIST_BIN}:${MOZ_DIST_BIN}/plugins:$
>     {MRE_HOME}${LD_LIBRARY_PATH:+":$LD_LIBRARY_PATH"}
>     
>     It seems similar to the issue that Firefox had a few months before
>     : 
>     https://bugzilla.mozilla.org/show_bug.cgi?id=590753
>     
>     Thanks, 
>     Hayawardh
>     
>     
>     
>
>
> --- run-icecat.sh.orig        2011-05-30 14:16:14.000000000 -0400
> +++ run-icecat.sh     2011-05-30 19:39:03.000000000 -0400
> @@ -310,36 +310,36 @@
>  }
>  if moz_should_set_ld_library_path
>  then
> -     
> LD_LIBRARY_PATH=${MOZ_DIST_BIN}:${MOZ_DIST_BIN}/plugins:${MRE_HOME}${LD_LIBRARY_PATH+":$LD_LIBRARY_PATH"}
> +     
> LD_LIBRARY_PATH=${MOZ_DIST_BIN}:${MOZ_DIST_BIN}/plugins:${MRE_HOME}${LD_LIBRARY_PATH:+":$LD_LIBRARY_PATH"}
>  fi
>  
>  if [ -n "$LD_LIBRARYN32_PATH" ]
>  then
> -     
> LD_LIBRARYN32_PATH=${MOZ_DIST_BIN}:${MOZ_DIST_BIN}/plugins:${MRE_HOME}${LD_LIBRARYN32_PATH+":$LD_LIBRARYN32_PATH"}
> +     
> LD_LIBRARYN32_PATH=${MOZ_DIST_BIN}:${MOZ_DIST_BIN}/plugins:${MRE_HOME}${LD_LIBRARYN32_PATH:+":$LD_LIBRARYN32_PATH"}
>  fi
>  if [ -n "$LD_LIBRARYN64_PATH" ]
>  then
> -     
> LD_LIBRARYN64_PATH=${MOZ_DIST_BIN}:${MOZ_DIST_BIN}/plugins:${MRE_HOME}${LD_LIBRARYN64_PATH+":$LD_LIBRARYN64_PATH"}
> +     
> LD_LIBRARYN64_PATH=${MOZ_DIST_BIN}:${MOZ_DIST_BIN}/plugins:${MRE_HOME}${LD_LIBRARYN64_PATH:+":$LD_LIBRARYN64_PATH"}
>  fi
>  if [ -n "$LD_LIBRARY_PATH_64" ]; then
> -     
> LD_LIBRARY_PATH_64=${MOZ_DIST_BIN}:${MOZ_DIST_BIN}/plugins:${MRE_HOME}${LD_LIBRARY_PATH_64+":$LD_LIBRARY_PATH_64"}
> +     
> LD_LIBRARY_PATH_64=${MOZ_DIST_BIN}:${MOZ_DIST_BIN}/plugins:${MRE_HOME}${LD_LIBRARY_PATH_64:+":$LD_LIBRARY_PATH_64"}
>  fi
>  #
>  #
>  ## Set SHLIB_PATH for HPUX
> -SHLIB_PATH=${MOZ_DIST_BIN}:${MRE_HOME}${SHLIB_PATH+":$SHLIB_PATH"}
> +SHLIB_PATH=${MOZ_DIST_BIN}:${MRE_HOME}${SHLIB_PATH:+":$SHLIB_PATH"}
>  #
>  ## Set LIBPATH for AIX
> -LIBPATH=${MOZ_DIST_BIN}:${MRE_HOME}${LIBPATH+":$LIBPATH"}
> +LIBPATH=${MOZ_DIST_BIN}:${MRE_HOME}${LIBPATH:+":$LIBPATH"}
>  #
>  ## Set DYLD_LIBRARY_PATH for Mac OS X (Darwin)
> -DYLD_LIBRARY_PATH=${MOZ_DIST_BIN}:${MRE_HOME}${DYLD_LIBRARY_PATH+":$DYLD_LIBRARY_PATH"}
> +DYLD_LIBRARY_PATH=${MOZ_DIST_BIN}:${MRE_HOME}${DYLD_LIBRARY_PATH:+":$DYLD_LIBRARY_PATH"}
>  #
>  ## Set LIBRARY_PATH for BeOS
> -LIBRARY_PATH=${MOZ_DIST_BIN}:${MOZ_DIST_BIN}/components:${MRE_HOME}${LIBRARY_PATH+":$LIBRARY_PATH"}
> +LIBRARY_PATH=${MOZ_DIST_BIN}:${MOZ_DIST_BIN}/components:${MRE_HOME}${LIBRARY_PATH:+":$LIBRARY_PATH"}
>  #
>  ## Set ADDON_PATH for BeOS
> -ADDON_PATH=${MOZ_DIST_BIN}${ADDON_PATH+":$ADDON_PATH"}
> +ADDON_PATH=${MOZ_DIST_BIN}${ADDON_PATH:+":$ADDON_PATH"}
>  #
>  ## Solaris Xserver(Xsun) tuning - use shared memory transport if available
>  if [ "$XSUNTRANSPORT" = "" ]
> --
> http://gnuzilla.gnu.org



reply via email to

[Prev in Thread] Current Thread [Next in Thread]