artswrapper's new braces (Re: artswrapper defanged)

Waldo Bastian bastian at kde.org
Thu Aug 8 18:42:41 BST 2002


On Wednesday 07 August 2002 08:28 pm, Kevin Puetz wrote:
> There is a (very) slight race in the checking of the permissions on the
> file... however, since the permission being looked for is ownership by
> root, the only user who could make anything of it is root. Since root had
> the right to make the module trusted anyway, this gains no elevation of
> privilege.

You should use lstat then, otherwise an attacker can make a symlink that 
switches very fast between a root-owned module and a malicious module to 
exploit this race condition.

> The other issue in question is that of a root-owned .la file pointing to
> untrusted code. Since an ordinary user cannot create this exploit, and it
> should not exist in any default installation (the .la files and shared
> objects are created and installed at the same time, by the same user, with
> the same permissions) we did not feel this was an issue.

Are you sure it can't be faked into loading .so files with the same name from 
another location?

Cheers,
Waldo
-- 
bastian at kde.org  |   SuSE Labs KDE Developer  |  bastian at suse.com
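
The ownership check discussed in this thread, as an added example that is not part of the original message and is not artswrapper's code: it refuses symlinks with lstat and O_NOFOLLOW, then goes one step beyond the lstat suggestion by repeating the checks with fstat on the opened descriptor, so the decision applies to the file that was actually opened. The names open_trusted and demo are hypothetical, and the self-check uses the current effective uid in place of root so it runs unprivileged.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE /* feature-test macro for O_NOFOLLOW */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: return an fd for `path` only if it is a regular file,
 * not a symlink, owned by `owner` and not group/other writable; else -1. */
int open_trusted(const char *path, uid_t owner)
{
    struct stat ls, fs;
    if (lstat(path, &ls) != 0 || !S_ISREG(ls.st_mode))
        return -1;                      /* symlink or special file: reject */
    int fd = open(path, O_RDONLY | O_NOFOLLOW);
    if (fd < 0)
        return -1;                      /* e.g. became a symlink after lstat */
    /* fstat describes the object actually opened, not whatever the name
     * points to now, so a later swap of the path cannot change the answer. */
    if (fstat(fd, &fs) != 0 || !S_ISREG(fs.st_mode) ||
        fs.st_dev != ls.st_dev || fs.st_ino != ls.st_ino ||
        fs.st_uid != owner || (fs.st_mode & (S_IWGRP | S_IWOTH))) {
        close(fd);
        return -1;
    }
    return fd;                          /* load the module from this fd */
}

/* Constructed self-check: bit0 = real file accepted, bit1 = symlink to it
 * rejected, bit2 = wrong owner rejected. Uses our own uid in place of root. */
int demo(void)
{
    char file[] = "/tmp/trustXXXXXX", lnk[64];
    int r = 0, fd = mkstemp(file);      /* mkstemp creates the file mode 0600 */
    if (fd < 0) return -1;
    close(fd);
    snprintf(lnk, sizeof lnk, "%s.lnk", file);
    if (symlink(file, lnk) != 0) { unlink(file); return -1; }
    if ((fd = open_trusted(file, geteuid())) >= 0) { r |= 1; close(fd); }
    if (open_trusted(lnk, geteuid()) < 0) r |= 2;
    if (open_trusted(file, geteuid() + 1) < 0) r |= 4;
    unlink(lnk);
    unlink(file);
    return r;
}

int main(void) { return demo() == 7 ? 0 : 1; }
```

The returned descriptor is what has been checked, so whatever loads the module should read from it rather than reopening the path by name.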





More information about the kde-core-devel mailing list