Re: Serious security problem! [Was: base system on boot floppies 2.2.3 broken]
On Sat Jan 01, 2000 at 12:55:19PM -0700, Erik Andersen wrote:
> On Fri Dec 31, 1999 at 09:13:14AM -0700, Randolph Chung wrote:
> >
> > > 2) any file or directory that has a symlink associated with it has
> > > permissions of 777 this includes much of the libc, /sbin/init
> > > /usr/sbin/adduser, and many many many more. also most of
> > > /usr/share/doc had mode 777.
>
> Verified. Sigh. This is a release critical security problem
> that leaves libc (and everything else pointed to by a symlink
> in the base system) vulnerable after a fresh install.
>
[----------snip---------]
>
> everybody to take a careful look at busybox tar, ok?
>
> I'm testing it now by:
> cp base2_2.tgz /tmp
> mkdir foo
> cd foo
> <path_to_busybox>/busybox zcat ../base2_2.tgz | <path_to_busybox>/busybox tar -xf -
> cd ..
> mkdir bar
> cd bar
> tar -xzf ../base2_2.tgz
>
> and then comparing files from foo and bar.
Ok, I just checked in a fix. Please, could everybody check out the
latest boot floppies and test this?
/me hides in shame,
-Erik
--
Erik B. Andersen Web: http://www.xmission.com/~andersen/
email: andersee@debian.org
--This message was written using 73% post-consumer electrons--
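The foo/bar comparison in the quoted test recipe can be turned into a repeatable check. The script below is an added example, not code from the thread or from busybox: it builds a constructed tarball containing a regular file, a directory and a symlink (the file names are placeholders, not the real base system), extracts it twice, and, since a broken busybox tar is not assumed to be present, stands in for the reported bug by chmod'ing the symlink target to 777 in the second tree. It then reports every non-symlink entry whose mode differs between the two trees and counts world-writable entries, which is the post-install audit the reported symptom calls for.

```shell
#!/bin/sh
# Added example (not from the original thread or busybox). Assumes POSIX sh,
# find, ls, diff and a tar that accepts -c/-x/-p/-f.
set -u

# Print "<mode> <path>" for every non-symlink entry under $1 (paths relative to $1).
# Symlinks themselves are skipped: their own mode is irrelevant, the target's is what
# the report says was clobbered.
tree_modes() {
    ( cd "$1" && find . ! -type l | sort | while IFS= read -r p; do
        # ls -ld is POSIX; field 1 is the symbolic mode, e.g. -rw-r--r--
        printf '%s %s\n' "$(ls -ld "$p" | awk '{print $1}')" "$p"
    done )
}

# List entries whose mode differs between two extracted trees ("<" = first, ">" = second).
compare_trees() {
    a=$(mktemp); b=$(mktemp)
    tree_modes "$1" >"$a"
    tree_modes "$2" >"$b"
    diff "$a" "$b" | grep '^[<>]' || true
    rm -f "$a" "$b"
}

# Count non-symlink entries under $1 that are world-writable (-perm -002 == o+w set).
world_writable_count() {
    find "$1" ! -type l -perm -002 | wc -l | tr -d ' '
}

# Constructed fixture: a tiny "base system" with a real file, a symlink to it and a
# 755 binary. foo is a clean extraction; bar has the symlink target and the binary
# forced to 777 to stand in for the broken extractor. Echoes the work directory.
build_fixture() {
    work=$(mktemp -d)
    mkdir -p "$work/src/lib" "$work/src/sbin"
    chmod 755 "$work/src" "$work/src/lib" "$work/src/sbin"
    printf 'constructed libc stand-in\n' >"$work/src/lib/libc-example.so"
    chmod 644 "$work/src/lib/libc-example.so"
    ln -s libc-example.so "$work/src/lib/libc.so"      # symlink -> regular file
    printf 'constructed init stand-in\n' >"$work/src/sbin/init"
    chmod 755 "$work/src/sbin/init"
    (cd "$work/src" && tar -cf ../base.tar .)
    mkdir "$work/foo" "$work/bar"
    (cd "$work/foo" && tar -xpf ../base.tar)
    (cd "$work/bar" && tar -xpf ../base.tar && chmod 777 lib/libc-example.so sbin/init)
    chmod 755 "$work/foo" "$work/bar"
    printf '%s\n' "$work"
}

work=$(build_fixture)
echo "mode differences (< foo, > bar):"
compare_trees "$work/foo" "$work/bar"
echo "world-writable entries in foo: $(world_writable_count "$work/foo")"
echo "world-writable entries in bar: $(world_writable_count "$work/bar")"
```

To use it against a real installation instead of the fixture, point `compare_trees` at two directories holding the two extractions and run `world_writable_count` over the installed root (with `find -xdev` added to stay on one filesystem); anything it lists outside /tmp-style sticky directories needs explaining.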