In message <[EMAIL PROTECTED]>, "Jarno Huuskonen"
writes:
> If you look a little below you'll see a call to FileDelete(strName); So
> first you create a file with mkstemp and then unlink it. And because
> cFileArchive::OpenReadWrite(line 708) then opens the same file(name) without
> O_EXCL there still is a race. So I don't think this is a sufficient fix.
> You should make cFileArchive::OpenReadWrite use O_EXCL.
> I have --> untested <-- patch (probably fails horribly ;-) for this:
> http://www.uku.fi/~jhuuskon/Patches/tripwire-2.3.1-2-O_EXCL.patch
I applied your patch to the upcoming FreeBSD Tripwire-2.3.1 port. I
tested it and it works!
>
> > We haven't had a chance to install the commercial version yet, however
> > if the commercial version is vulnerable (I've notified TripwireSecurity
> > of the possibility and I'm betting dollars to donuts that it might be)
> > a possible workaround would be to create a shared library with a
> > function named mktemp which would call mkstemp() as in the patches
> > above, then execute tripwire using LD_PRELOAD to load the mktemp
> > wrapper.
>
> On Thu, Jul 12, Cy Schubert - ITSD Open Systems Group wrote:
> Back in January the binary tripwire 2.2.1 for Linux was statically
> compiled / linked. Can you use LD_PRELOAD with static executables?
LD_PRELOAD only works on dynamically linked binaries.
Regards, Phone: (250)387-8437
Cy Schubert Fax: (250)387-5766
Team Leader, Sun/Alpha Team Internet: [EMAIL PROTECTED]
Open Systems Group, ITSD, ISTA
Province of BC
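
The race discussed in this thread (create with mkstemp(), unlink, then reopen the same name without O_EXCL), as an added C example that is not part of the original messages, the linked patch, or Tripwire's source. The function names and the constructed scenario (a symlink placed at the freed name inside a private mkdtemp() directory, standing in for a second process) are assumptions made for illustration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Reopen a temp file by name (hypothetical helper). Returns fd or -errno. */
static int reopen_by_name(const char *path, int use_excl)
{
    int fd = open(path, O_RDWR | O_CREAT | (use_excl ? O_EXCL : 0), 0600);
    return fd >= 0 ? fd : -errno;
}

/* Constructed scenario inside a private mkdtemp() directory.
 * Returns 1 if the reopen landed on the other file, 0 if O_EXCL refused it,
 * -1 on setup error. */
int reopen_hits_other_file(int use_excl)
{
    char dir[] = "/tmp/excl-demo-XXXXXX", tmp[64], other[64];
    struct stat a, b;
    int fd, result = -1;

    if (!mkdtemp(dir)) return -1;
    snprintf(tmp, sizeof tmp, "%s/twXXXXXX", dir);
    snprintf(other, sizeof other, "%s/other", dir);
    if ((fd = open(other, O_WRONLY | O_CREAT | O_EXCL, 0600)) < 0) goto out;
    close(fd);
    if ((fd = mkstemp(tmp)) < 0) goto out;
    close(fd);
    unlink(tmp);                            /* name is free again: the window */
    if (symlink(other, tmp) != 0) goto out; /* stands in for a second process */

    fd = reopen_by_name(tmp, use_excl);
    if (fd >= 0) {
        if (fstat(fd, &a) == 0 && stat(other, &b) == 0)
            result = (a.st_dev == b.st_dev && a.st_ino == b.st_ino);
        close(fd);
    } else if (fd == -EEXIST) {
        result = 0;                         /* O_EXCL saw the name was taken */
    }
out:
    unlink(tmp); unlink(other); rmdir(dir);
    return result;
}

int main(void)
{
    printf("without O_EXCL: %d\n", reopen_hits_other_file(0));
    printf("with O_EXCL:    %d\n", reopen_hits_other_file(1));
    return 0;
}
```

With O_CREAT | O_EXCL the open fails with EEXIST if anything, including a symlink, already occupies the name, which is why the reopen itself needs the flag and mkstemp() alone is not enough.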