Re: setuid/setgid binaries contained in the Debian repository.
Hi,
On Mon, Aug 11, 2003 at 06:53:19PM +0200, Bernd Eckenfels wrote:
> On Mon, Aug 11, 2003 at 06:13:10PM +0200, Emile van Bergen wrote:
> > To make the wrapper unwritable both by the user and the per-game
> > uid/gid, make it setuid root
>
> I guess this is called sudo?
Yes, a custom version of that, but indeed, perhaps sudo could be
persuaded to do the same.
> > /* securely obtain /usr/lib/games/`basename $0` */
> >
> > if (!argv[0]) return 2;
> > me = strrchr(argv[0], '/');
> > if (me) me++; else me = argv[0];
> > melen = strlen(me);
> > if (melen < 1 || melen > sizeof(realgame) - 16) return 3;
>
> you need to check for ..
Why? '../file' still contains the '/' separator and thus gives 'file' as
'me'.
Cheers,
Emile.
--
E-Advies - Emile van Bergen emile@e-advies.nl
tel. +31 (0)70 3906153 http://www.e-advies.nl
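To make concrete what the quoted argv[0] handling accepts and rejects, here is an added example. It is not the wrapper Emile posted nor anything from Debian: game_path_original reproduces the basename derivation from the quoted fragment, and game_path_hardened puts beside it a variant that additionally refuses "." and ".." as the basename, which is the case Bernd's remark points at. The directory /usr/lib/games/ comes from the quoted comment; the 256-byte buffer, the function names, the check helper and the return code 4 are assumptions made for this example. As Emile says, "../nethack" collapses to "nethack" because everything up to the last '/' is discarded; a bare ".." however contains no '/' and survives unchanged, so the original logic yields "/usr/lib/games/.." (a directory, so a later execve fails with EACCES rather than running anything). Rejecting it explicitly costs one strcmp.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example, not the wrapper posted in the thread. It reproduces the
 * argv[0] -> /usr/lib/games/<basename> derivation from the quoted
 * fragment and adds the one check Bernd's remark points at: refusing
 * "." and ".." as the basename. GAMES_DIR is taken from the quoted
 * comment; REALGAME_SZ, the function names and return code 4 are
 * assumptions made for this example. */

#define GAMES_DIR   "/usr/lib/games/"
#define REALGAME_SZ 256   /* stands in for sizeof(realgame) in the fragment */

/* Mirror of the quoted logic. Returns 0 and fills realgame on success,
 * 2 if argv0 is missing, 3 if the basename is empty or too long (same
 * codes as the fragment). The 16 is strlen(GAMES_DIR) + 1 for the NUL. */
int game_path_original(const char *argv0, char *realgame, size_t realgame_sz)
{
    const char *me;
    size_t melen;

    if (!argv0) return 2;
    me = strrchr(argv0, '/');          /* everything up to the last '/' is dropped, */
    if (me) me++; else me = argv0;     /* so "../nethack" collapses to "nethack" */
    melen = strlen(me);
    if (melen < 1 || melen > realgame_sz - 16) return 3;

    strcpy(realgame, GAMES_DIR);       /* fits: 15 + melen + 1 <= realgame_sz */
    strcat(realgame, me);
    return 0;
}

/* Hardened variant: same derivation, but a bare "." or ".." has no '/'
 * to strip and would survive as the basename, yielding "/usr/lib/games/.."
 * (a directory, so a later execve fails with EACCES, but it should never
 * get that far). Returns 4 for those two names. */
int game_path_hardened(const char *argv0, char *realgame, size_t realgame_sz)
{
    int rc = game_path_original(argv0, realgame, realgame_sz);
    if (rc) return rc;

    const char *me = realgame + strlen(GAMES_DIR);
    if (strcmp(me, ".") == 0 || strcmp(me, "..") == 0) {
        realgame[0] = '\0';
        return 4;
    }
    return 0;
}

/* Helper for the checks below: run fn on argv0 and report (1/0) whether
 * the return code and, when expected_path is non-NULL, the produced path
 * match. */
int check(int (*fn)(const char *, char *, size_t), const char *argv0,
          int expected_rc, const char *expected_path)
{
    char buf[REALGAME_SZ];
    buf[0] = '\0';
    int rc = fn(argv0, buf, sizeof buf);
    if (rc != expected_rc) return 0;
    return expected_path == NULL || strcmp(buf, expected_path) == 0;
}

int main(int argc, char **argv)
{
    /* Constructed argv[0] values, not captured from a real system. */
    const char *samples[] = { "/usr/games/nethack", "../nethack", "nethack/",
                              ".", "..", NULL };
    char path[REALGAME_SZ];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        const char *a = samples[i];
        int rc_orig = game_path_original(a, path, sizeof path);
        printf("%-20s original: rc=%d %s\n", a ? a : "(null)", rc_orig,
               rc_orig ? "" : path);
        int rc_hard = game_path_hardened(a, path, sizeof path);
        printf("%-20s hardened: rc=%d %s\n", a ? a : "(null)", rc_hard,
               rc_hard ? "" : path);
    }
    (void)argc; (void)argv;
    return 0;
}
```

Running it prints the derived path for each constructed argv[0]: the two nethack forms give the same path under both variants, "nethack/" and NULL are refused by the original checks already, and only "." and ".." separate the two variants. A real wrapper would follow the successful return with the privilege drop and execv that the thread discusses; this example stops at building the path.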