
Re: setuid/setgid binaries contained in the Debian repository.



On Mon, Aug 11, 2003 at 06:53:19PM +0200, Bernd Eckenfels wrote:

> On Mon, Aug 11, 2003 at 06:13:10PM +0200, Emile van Bergen wrote:
> >         /* securely obtain /usr/lib/games/`basename $0` */
> > 
> >         if (!argv[0]) return 2;
> >         me = strrchr(argv[0], '/');
> >         if (me) me++; else me = argv[0];
> >         melen = strlen(me);
> >         if (melen < 1 || melen > sizeof(realgame) - 16) return 3;
> 
> you need to check for ..

".." is perfectly safe as long as it isn't followed by a "/", which is
ensured by the code above.

-- 
 - mdz
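The argument in this reply, worked through as an added example that is not part of the thread: the wrapper logic from the quoted fragment, plus a check of the property it relies on, namely that whatever follows the last '/' of argv[0] can contain no further '/', so ".." ends up as a single component directly under the games directory. The prefix "/usr/lib/games/" and a fixed buffer of at least 16 bytes are assumptions taken from the quoted code.

```c
#include <stdio.h>
#include <string.h>

/* Assumed prefix: 15 bytes, so the quoted "- 16" leaves room for it plus NUL. */
#define GAMES_PREFIX "/usr/lib/games/"

/* Same logic as the quoted fragment: basename of argv[0], bounded length,
 * then the prefix prepended. Returns 0, or 2/3 as in the original.
 * realgame_size must be at least 16, as the original's fixed array is. */
int build_game_path(const char *argv0, char *realgame, size_t realgame_size)
{
    const char *me;
    size_t melen;
    if (!argv0) return 2;
    me = strrchr(argv0, '/');
    if (me) me++; else me = argv0;
    melen = strlen(me);
    if (melen < 1 || melen > realgame_size - 16) return 3;
    memcpy(realgame, GAMES_PREFIX, sizeof(GAMES_PREFIX) - 1);
    memcpy(realgame + sizeof(GAMES_PREFIX) - 1, me, melen + 1);
    return 0;
}

/* The property the reply relies on: the text after the last '/' of argv[0]
 * holds no '/', so ".." is never followed by one and the result is a single
 * component directly under the prefix. Returns 1 if that holds. */
int stays_under_prefix(const char *realgame)
{
    return strncmp(realgame, GAMES_PREFIX, sizeof(GAMES_PREFIX) - 1) == 0
        && strchr(realgame + sizeof(GAMES_PREFIX) - 1, '/') == NULL;
}

int main(void)
{
    /* Constructed argv[0] samples, including hostile ones. */
    const char *samples[] = { "/usr/games/nethack", "../../../bin/sh", "..", "/" };
    char buf[64];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int rc = build_game_path(samples[i], buf, sizeof buf);
        if (rc) printf("%-18s rejected (%d)\n", samples[i], rc);
        else printf("%-18s -> %s (under prefix: %d)\n", samples[i], buf, stays_under_prefix(buf));
    }
    return 0;
}
```

Note that "/usr/lib/games/.." names /usr/lib itself, a directory, so a later exec of it simply fails; the point is that no path component outside the games directory can be reached.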


