Brendan O'Dea <[EMAIL PROTECTED]> wrote:
> both of these issues obviously stem from the same root cause--a race
> between generating a list of files, then manipulating that list.
The first issue "also" relies on Path.pm trying to be clever:
# notabene: 0777 is for making readable in the first place,
# it's also intended to change it to writable in case we have
# to recurse in which case we are better than rm -rf for
# subtrees with strange permissions
> I don't really see that this is fixable outside of rewriting rmtree to
> recursively chdir+readdir+unlink.
> Given that there are possible pitfalls even with this approach (cf.
> CVE-2002-0435) ...
That pitfall is known and easily avoided by double-checking inodes.
> ... I'm considering punting the problem to fileutils,
> replacing rmtree entirely with the attached subroutine.
> [p5p:] If anyone had a cleaner (and cross-platform) fix, I'd love to
> hear of it.
I am not sure that all platforms have fileutils: no -v option on rm.
(Tru64 doesn't.)
Rafael Garcia-Suarez <[EMAIL PROTECTED]> wrote:
> How does this relate to the Debian patch 22_fix_file_path
> for CAN-2004-0452 ? ...
CAN-2004-0452 exploited the "chmod 0777", the fix changed the mode
to 0700 (and 0666 to 0600) but did not avoid the race.
Cheers,
Paul Szabo - [EMAIL PROTECTED] http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics University of Sydney 2006 Australia
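The approach the thread converges on (walk the tree relative to the directory you are already inside, never by full path, and double-check inodes so a swapped-in symlink or replaced directory is detected rather than followed) is shown below as an added example. It is not code from this thread, from File::Path or from fileutils. It is written in Python and uses the `dir_fd` family of calls plus `O_NOFOLLOW`/`O_DIRECTORY` instead of an explicit `chdir`, which assumes a Unix-like platform where those are available; the names `safe_rmtree`, `_rmtree_fd`, `TreeChangedError` and `demo` are the example's own.

```python
import os
import stat
import tempfile

# Open a directory entry without following a symlink that may have been
# planted after we listed it.  O_NOFOLLOW and O_DIRECTORY are POSIX; the
# example assumes a Unix-like platform where os.* accepts dir_fd.
_DIR_FLAGS = os.O_RDONLY | os.O_NOFOLLOW | os.O_DIRECTORY


class TreeChangedError(RuntimeError):
    """Raised when an entry is no longer the object we inspected a moment ago."""


def _rmtree_fd(dir_fd):
    """Remove everything below an already-open directory descriptor.

    Returns the number of entries removed.  Every operation is relative to
    dir_fd, so a rename or symlink swap higher up the tree cannot redirect us.
    """
    removed = 0
    for name in os.listdir(dir_fd):
        st = os.lstat(name, dir_fd=dir_fd)
        if stat.S_ISDIR(st.st_mode):
            # Open relative to dir_fd, then confirm that what we opened is the
            # inode lstat() reported: the "double-check inodes" step.  A
            # symlink is refused outright by O_NOFOLLOW; a directory replaced
            # in between shows up as a (dev, ino) mismatch.
            fd = os.open(name, _DIR_FLAGS, dir_fd=dir_fd)
            try:
                fst = os.fstat(fd)
                if (fst.st_dev, fst.st_ino) != (st.st_dev, st.st_ino):
                    raise TreeChangedError(f"{name!r} changed during removal")
                removed += _rmtree_fd(fd)
            finally:
                os.close(fd)
            os.rmdir(name, dir_fd=dir_fd)
        else:
            # Files and symlinks are unlinked by name relative to dir_fd.
            # unlink() never follows a symlink, so a link pointing outside the
            # tree only loses the link itself, not its target.
            os.unlink(name, dir_fd=dir_fd)
        removed += 1
    return removed


def safe_rmtree(path):
    """Remove `path` and its contents without following symlinks.

    Returns the number of filesystem entries removed, including `path`.
    """
    st = os.lstat(path)
    if not stat.S_ISDIR(st.st_mode):
        os.unlink(path)
        return 1
    fd = os.open(path, _DIR_FLAGS)
    try:
        fst = os.fstat(fd)
        if (fst.st_dev, fst.st_ino) != (st.st_dev, st.st_ino):
            raise TreeChangedError(f"{path!r} changed during removal")
        removed = _rmtree_fd(fd)
    finally:
        os.close(fd)
    os.rmdir(path)
    return removed + 1


def demo():
    """Constructed scenario: a tree containing a symlink to a directory that
    must not be touched.  Returns (entries_removed, target_survived)."""
    base = tempfile.mkdtemp()
    outside = os.path.join(base, "outside")
    os.mkdir(outside)
    victim = os.path.join(outside, "keep.txt")
    with open(victim, "w") as f:
        f.write("must survive\n")
    tree = os.path.join(base, "tree")
    os.makedirs(os.path.join(tree, "sub"))
    with open(os.path.join(tree, "sub", "a.txt"), "w") as f:
        f.write("x\n")
    # The planted link: a naive path-based rmtree that follows it would
    # descend into `outside` and delete keep.txt.
    os.symlink(outside, os.path.join(tree, "sub", "link_out"))
    removed = safe_rmtree(tree)        # tree, sub, a.txt, link_out -> 4
    survived = os.path.exists(victim)  # True: only the link was removed
    safe_rmtree(base)                  # clean up the scratch area
    return removed, survived


if __name__ == "__main__":
    print(demo())
```

The inode comparison matters most on platforms without `O_NOFOLLOW`, where the open could otherwise be redirected through a link; with it, the check is a second, independent guard against a directory being replaced between `lstat` and `open`. A Perl port would use the same sequence (`lstat`, `opendir`/`chdir`, then `stat` of `.` compared on `dev`/`ino`) in place of the `dir_fd` calls.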