
Re: chmod/chown -R - maybe an ITP



This problem was originally found with rm -r in crontabs, and while now the
programs being raised are chown/chmod I'm sure if we just fix chown/chmod
someone will only point out another binary that can be exploited. gzip -r, tar,
anything that recurses could one day be a security hole.

BSD libc provides a generic recurse-safely kind of function with some suitably
inscrutable acronym (I'm told "fts"). The idea is to implement this critical
code once correctly somewhere common so applications don't have to reinvent
the wheel and introduce security holes every time.

It's quite tricky to do right: you have to hold open file descriptors for all
your parent directories and compare them to ".." as you recurse down, and you
have to do lstats, fstats, etc. on everything before and after you open it.

-- 
greg
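
A single descent step of the kind described above, as an added example that is not part of the original message and is not the BSD fts code. It assumes the POSIX.1-2008 *at() calls, which the message does not mention; safe_descend and demo are hypothetical names and the scratch tree is constructed for the example.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

static int same_file(const struct stat *a, const struct stat *b) {
    return a->st_dev == b->st_dev && a->st_ino == b->st_ino;
}

/* Step from an open parent directory into `name`; returns an fd or -1. */
int safe_descend(int parent_fd, const char *name) {
    struct stat before, after, parent, dotdot;
    /* lstat before opening: refuse anything that is not a real directory. */
    if (fstatat(parent_fd, name, &before, AT_SYMLINK_NOFOLLOW) != 0 ||
        !S_ISDIR(before.st_mode))
        return -1;
    int fd = openat(parent_fd, name, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return -1;
    /* fstat after opening: it must be the object we lstat'ed, and its ".."
       must be the parent we still hold open (nothing was swapped in between). */
    if (fstat(fd, &after) != 0 || !same_file(&before, &after) ||
        fstat(parent_fd, &parent) != 0 ||
        fstatat(fd, "..", &dotdot, AT_SYMLINK_NOFOLLOW) != 0 ||
        !same_file(&parent, &dotdot)) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed scratch tree: bit 0 = real dir entered, bit 1 = symlink refused. */
int demo(void) {
    char tmpl[] = "/tmp/descendXXXXXX";
    int result = 0, top, fd;
    if (!mkdtemp(tmpl) || (top = open(tmpl, O_RDONLY | O_DIRECTORY | O_CLOEXEC)) < 0)
        return -1;
    if (mkdirat(top, "real", 0700) == 0 && symlinkat("/", top, "link") == 0) {
        if ((fd = safe_descend(top, "real")) >= 0) { result |= 1; close(fd); }
        if (safe_descend(top, "link") < 0) result |= 2;
    }
    unlinkat(top, "link", 0);
    unlinkat(top, "real", AT_REMOVEDIR);
    close(top);
    rmdir(tmpl);
    return result;
}

int main(void) { return demo() == 3 ? 0 : 1; }
```

A recursive tool would call this once per level and then operate on entries relative to the returned descriptor rather than by re-resolving path names.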

