Re: cp, ln, mv, install: check for vulnerable target directories
From: Kaz Kylheku (Coreutils)
Subject: Re: cp, ln, mv, install: check for vulnerable target directories
Date: Wed, 20 Sep 2017 15:58:26 -0700
User-agent: Roundcube Webmail/0.9.2
On 19.09.2017 00:25, Paul Eggert wrote:
> For years cp and friends have been subject to a symlink attack, in
> that seemingly-ordinary commands like 'cp a b' can overwrite arbitrary
> directories that the user has access to, if b's parent directory is
> world-writable and is not sticky and is manipulated by a malicious
> user.
From patch:
PE> +environment variable.) For example, if @file{/tmp/risky/d} is a
PE> +directory whose parent @file{/tmp/risky} is is world-writable and
is
PE> +not sticky, the command @samp{cp passwd /tmp/risky/d} fails with
PE> +a diagnostic reporting a vulnerable target directory, as an
attacker
PE> +could replace @file{/tmp/risky/d} by a symbolic link to a victim
PE> +directory while @command{cp} is running. In this example, you can
PE> +suppress the heuristic by issuing one of the following shell
commands
PE> +instead:
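Review bot: the added Texinfo sentence has a doubled word, "is is world-writable", in the line describing @file{/tmp/risky}; drop one "is". The example also names only the "world-writable and not sticky" case, so the documentation should say whether a parent that is writable by a group or by another specific user is treated the same way, since a reader cannot tell from this paragraph.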
Instead of checking for what *could* go wrong, why not defend more
specifically against signs that the attack might be actually happening?
Somehow detect, "Uh oh! Parent is writable by another non-root user, and
the last component opened through a symlink!" while carefully guarding
against race conditions that could render such a defense tactic less than
fully effective.
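The check suggested in the reply above, as an added example that is not part of the original message and is not coreutils code. The function `open_target_dir` and its verdict names are hypothetical, and "writable by another non-root user" is approximated here by the quoted patch's condition (world-writable and not sticky).

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

enum verdict { V_OK, V_RISKY_PARENT, V_SYMLINK_IN_RISKY_PARENT, V_ERROR };

/* Hypothetical helper, not coreutils code; LEAF is one path component.
   *out_fd is an open directory descriptor on V_OK/V_RISKY_PARENT, else -1. */
enum verdict open_target_dir(const char *parent, const char *leaf, int *out_fd)
{
    struct stat pst, lst;
    enum verdict v = V_ERROR;
    *out_fd = -1;
    if (strchr(leaf, '/') != NULL)
        return V_ERROR;
    /* Pin the parent so later steps are relative to this descriptor. */
    int pfd = open(parent, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
    if (pfd < 0 || fstat(pfd, &pst) != 0) {
        if (pfd >= 0)
            close(pfd);
        return V_ERROR;
    }
    /* The quoted patch's condition: world-writable and not sticky. */
    int risky = (pst.st_mode & S_IWOTH) && !(pst.st_mode & S_ISVTX);
    /* Risky parent: O_NOFOLLOW refuses a symlink leaf in the open itself. */
    int fd = openat(pfd, leaf, O_RDONLY | O_DIRECTORY | O_CLOEXEC
                               | (risky ? O_NOFOLLOW : 0));
    if (fd >= 0) {
        *out_fd = fd;
        v = risky ? V_RISKY_PARENT : V_OK;
    } else if (risky && fstatat(pfd, leaf, &lst, AT_SYMLINK_NOFOLLOW) == 0
               && S_ISLNK(lst.st_mode)) {
        v = V_SYMLINK_IN_RISKY_PARENT; /* diagnostic only: open already failed */
    }
    close(pfd);
    return v;
}

int main(int argc, char **argv)
{
    int fd;
    if (argc != 3)
        return EXIT_FAILURE; /* usage: PROG PARENT_DIR LAST_COMPONENT */
    printf("verdict=%d\n", (int) open_target_dir(argv[1], argv[2], &fd));
    return EXIT_SUCCESS;
}
```

A caller following the quoted patch would still reject `V_RISKY_PARENT`; the suggestion in the reply corresponds to rejecting only `V_SYMLINK_IN_RISKY_PARENT`.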