Re: SECURITY PROBLEM: autofs [all versions]

To: Joey Hess <joeyh@debian.org>
Cc: Robert Bihlmeyer <robbe@orcus.priv.at>, debian-devel@lists.debian.org
Subject: Re: SECURITY PROBLEM: autofs [all versions]
From: "Christopher W. Curtis" <ccurtis@aet-usa.com>
Date: Wed, 05 Jul 2000 18:00:19 -0400
Message-id: <[🔎] 3963AFF3.2965F197@aet-usa.com>
References: <[🔎] Pine.LNX.4.21.0007031444060.854-100000@yakko.doogie.org> <[🔎] 3961600C.A5900B29@aet-usa.com> <[🔎] 20000704053109.L3790@tardis.ed.ac.uk> <[🔎] 3961F742.420FBD4D@aet-usa.com> <[🔎] 20000704121101.A3872@x8b4e53cd.dhcp.okstate.edu> <[🔎] 39622093.85E1F548@aet-usa.com> <[🔎] 87n1jxr1l6.fsf@hoss.orcus.priv.at> <[🔎] 3962722E.E430BBC2@aet-usa.com> <[🔎] 20000705144905.N31582@kitenet.net>

Joey Hess wrote:
> 
> Christopher W. Curtis wrote:
> > It is essentially a "crash" - a term I initially used quoted, and
> > dropped the quotes later.  The program made an insufficient check and
> > tried to run an illegal set of instructions.  Under unix, this often
> > results in a core dump.  Under Windows, a UAE.  The shell happens to
> > ignore it and continue processing.  But the lack of a core dump does not
> > mean it's correct.
> 
> Oh baloney. Trying to run a non-executable file will never cause a core
> dump.

And I certainly never made any claim it would.

However:

int main()
{	FILE *foo = popen( "non-executable.file", "r+ );
	fprintf( foo, "hmm" );
}
	
> You're grasping at straws. Give it up.

I am inundated with straws.

Christopher

Reply to:

Follow-Ups:
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: Joey Hess <joeyh@debian.org>
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: Lars Wirzenius <liw@iki.fi>

References:
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: Adam Heath <adam@doogie.org>
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: "Christopher W. Curtis" <ccurtis@aet-usa.com>
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: Mark Brown <broonie@tardis.ed.ac.uk>
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: "Christopher W. Curtis" <ccurtis@aet-usa.com>
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: David Starner <dvdeug@x8b4e53cd.dhcp.okstate.edu>
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: "Christopher W. Curtis" <ccurtis@aet-usa.com>
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: Robert Bihlmeyer <robbe@orcus.priv.at>
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: "Christopher W. Curtis" <ccurtis@aet-usa.com>
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Re: SECURITY PROBLEM: autofs [all versions]
Next by Date: Re: SECURITY PROBLEM: autofs [all versions]
Previous by thread: Re: SECURITY PROBLEM: autofs [all versions]
Next by thread: Re: SECURITY PROBLEM: autofs [all versions]
Index(es):
- Date
- Thread