bug-gnulib
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: first draft of "relocatable" module


From: Ralf Wildenhues
Subject: Re: first draft of "relocatable" module
Date: Fri, 2 Mar 2007 08:57:23 +0100
User-agent: Mutt/1.5.14 (2007-02-28)

Hello Bruno,

* Bruno Haible wrote on Fri, Mar 02, 2007 at 02:30:07AM CET:
> Ralf Wildenhues wrote:
> 
> > >   for example, --prefix=/tmp/inst$$.
> > 
> > This bit doesn't.  Since /tmp is usually world-writable, you've got your
> > attack vector already.
> 
> /tmp is world-writable but a directory created by a user in /tmp is not
> world-writable (assuming an umask of at least 002). Therefore I don't see
> a security problem here.

On several systems that I know, /tmp is cleaned at system startup, or
old files are removed at regular intervals.  So after you've installed
your stuff, at some point /tmp/inst$$ is removed again (possibly even by
you).  At that time, I can write to /tmp/inst$$.  I can usually even
look at your binaries (in the final location) first to find out about
the value of $$ that was used by you at 'make install' time.

That's a trivial attack on the systems where run path overrides the
shared library path variable.

Cheers,
Ralf




reply via email to

[Prev in Thread] Current Thread [Next in Thread]