This is the mail archive of the
libc-alpha@sourceware.cygnus.com
mailing list for the glibc project.
Re: [Michal Zalewski <lcamtuf@IDS.PL>] [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroFTPD / lynx / vlock / mc / glibc 2.0.x
Mark Kettenis <kettenis@wins.uva.nl> writes:
|> From: Andreas Schwab <schwab@suse.de>
|> Date: 25 Aug 1999 11:33:24 +0200
|>
|> Ulrich Drepper <drepper@cygnus.com> writes:
|>
|> |> Andreas Jaeger <aj@arthur.rhein-neckar.de> writes:
|> |>
|> |> > I found this on BugTray. Michal describes an exploit based on
|> |> > pt_chown. Could anybody check this, please?
|> |>
|> |> Already fixed. The glibc 2.1 one, I mean.
|>
|> ??? I cannot see any changes in the 2.1 branch, and what you checked in
|> into the main branch makes pt_chown completely useless.
|>
|> What do you mean Andreas? The fact that unix98_pseudo_p is passed the
|> total device number wheras the actually implementation is designed to
|> get only the device major? Or are you referring to the fact that
|> unix98_pseudo_p doesn't check for BSD-style pseudo terminals?
|> IMHO this check shouldn't be necessary.
Think about it: pt_chown is used *only* for BSD ptys. Unix98 ptys change
their owners automagically, and don't need pt_chown at all.
Andreas.
--
Andreas Schwab "And now for something
schwab@suse.de completely different."
SuSE GmbH, Schanzäckerstr. 10, D-90443 Nürnberg