[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

du wildcards interpretation security flaw

From: Hans-Christian Armingeon
Subject: du wildcards interpretation security flaw
Date: Thu, 28 Feb 2002 17:53:13 +0100

I ve got a file in my home directory, that begins with a "-".
See the output of du -sh * below. Maybe tomeone could place some nasty files in 
temp, and whet root does a du, then...

io-ii:/data/sort/johnny # du -sh *
du: invalid option -- p
Try `du --help' for more information.
io-ii:/data/sort/johnny #
io-ii:/data/sort/johnny # du -sh -- *
400k    -pilot-link.0.9.3.tar.bz2
The exploit below doesn't work:
touch \>\ xyz
io-ii:/tmp/xxxxx # du -sh *
0       > xyz
0       a
0       aa
0       aaaa

Maybe there are some more clever/nasty persons out there, who could develop a 
"better" exploit.

I don't think that root appends -- to every command he types in

Don't hesitate to contact me.

Thanks in advance, and thank you for developing the GNU utils,


reply via email to

[Prev in Thread] Current Thread [Next in Thread]