vulnerabilty fixed
Thiago Macieira
thiagom at wanadoo.fr
Thu Oct 31 23:53:43 GMT 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Alexander Neundorf wrote:
>there was a vulnerabilty in kdenetwork/lanbrowsing/lisa/ running in
> restricted mode (reslisa), which enabled a local root exploit, I fixed it
> immediatly as it was reported to me.
>
>Has sun_path on every system the same size ?
>It's 108 bytes on my box, but google told me also something about 64 bytes.
>Any reliable information ?
It has no defined size, as far as I know. On Linux, it's 108-bytes long, but
it just seems an arbitrary value.
You should check the size of the sun_addr structure and subtract the offset of
the sun_path member, if you need to know how big it is. Or, another solution
is not to use sun_addr's by themselves, but only pointers and allocate (with
malloc) as many bytes as are needed to fit your pathname.
See kdecore/netsupp.cpp for an exemple on how I did it and, so far, hasn't
been exploited :)
- --
Thiago Macieira - UFOT Registry number: 1001
thiagom at mail.com
ICQ UIN: 1967141 PGP/GPG: 0x6EF45358
Registered Linux user #65028
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
iD8DBQE9wcKHM/XwBW70U1gRApx7AJ4toDpZi9VqmuVofrYZyR4Ieu0hogCgnDs/
VqLosM7C51eMXWZIym0sdMc=
=Nwi0
-----END PGP SIGNATURE-----
More information about the kde-core-devel
mailing list