Re: [SECURITY] FDs 0, 1, 2 for SUID/SGID programs

From: Alan Cox (alan@lxorguk.ukuu.org.uk)
Date: Tue Apr 23 2002 - 04:04:20 EST

Next message: Adam McKenna: "oops in 2.4.14-xfs (xfs release 1.0.2)"
Previous message: David S. Miller: "Re: PowerPC Linux and PCI"
In reply to: Florian Weimer: "[SECURITY] FDs 0, 1, 2 for SUID/SGID programs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> http://www.pine.nl/advisories/pine-cert-20020401.html probably affects
> Linux, too (if a SUID/SGID program is invoked with FD 2 closed, error
> messages might be written to a file opened by the program ).

Unix requires this behaviour. Its an old and common bug to get it
wrong. glibc intentionally provides some cover
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Adam McKenna: "oops in 2.4.14-xfs (xfs release 1.0.2)"
Previous message: David S. Miller: "Re: PowerPC Linux and PCI"
In reply to: Florian Weimer: "[SECURITY] FDs 0, 1, 2 for SUID/SGID programs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Tue Apr 23 2002 - 22:00:34 EST