[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability

On Wed, Jan 10, 2001 at 08:34:13AM +1100, Hamish Moffatt wrote:

> On Tue, Jan 09, 2001 at 09:29:46AM -0500, Ben Collins wrote:
> > Potato is not vulnerable. This is a woody/sid only bug (i.e. glibc
> > 2.1.9x and greater, such as the 2.2 in woody/sid). The bug is not that
> > it prints this info, but that it uses the env variable even when
> > suid/sgid. This wasn't supposed to happen, and the actual fix was a
> > missing comma in the list of secure env vars that were supposed to be
> > cleared when a program starts up suid/sgid (including RESOLV_HOST_CONF).
> What is the purpose of $RESOLV_HOST_CONF anyway, ie what problem
> is it intended to solve?

I assume its purpose is to allow different resolver settings to be used with
individual programs.  For instance, perhaps one program should use DNS, while
another NIS, and still another only the local hosts file for name resolution.
For some programs, setting 'nospoof' will improve security; for others, it will
just cause some lookups to fail needlessly.

 - mdz

Reply to: