Re: setuid/setgid return values not checked in rlogin, rsh, rshd and uuc
From: Simon Josefsson
Subject: Re: setuid/setgid return values not checked in rlogin, rsh, rshd and uucpd
Date: Sat, 22 Jul 2023 10:36:01 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)

Jeffrey <jeffbencteux@gmail.com> writes:
> I found more occurrences of unchecked values for set*id() functions in other
> inetutils programs: ftpd, rcp.
>
> It has different security impact if it can be triggered:
>
> * rcp: local privilege escalation to the user running the binary
> * ftpd: undefined behaviour without privilege escalation as all calls are
> to seteuid(0) (gaining root privileges, not dropping it)
>
> I am attaching a consolidated patch to fix these and the previous ones.

Thanks again -- copyright papers have now arrived, and I looked at the
patch, and it seems good. However, the patch does not apply cleanly due
to whitespace and line-wrapping problems; can you re-send the patch as
an attachment instead of inline in your email? Please also add NEWS
entries (look at earlier entries as templates).

/Simon