[patch] add modes to open call of ismounted

Rich Felker dalias at aerifal.cx
Sat Jul 29 03:04:29 UTC 2006


On Fri, Jul 28, 2006 at 06:39:02PM -0400, Rob Landley wrote:
> On Thursday 20 July 2006 10:09 pm, Rich Felker wrote:
> > On Thu, Jul 20, 2006 at 03:24:23PM -0700, Erik Hovland wrote:
> > > The ismounted.c file makes a call to open using O_CREAT but does not
> > > specify file permission modes. This is slightly dangerous since it is
> > > plausible to exploit a file created with world writability. But is not
> > > all that dangerous since the file does not live very long. It would take
> > > a pretty savvy attacker to be able to slip in and do something bad
> > > between the open and the unlink.
> > 
> > No, it's very simple and this vuln is very serious.
> 
> I was on the fence about bothering to fix it (I'm replacing all this code in 
> 1.3 anyway), but this makes me think it's probably not even a real problem at 
> all.

BTW, I accept in general your principle of not fixing stuff unless it
actually has practical problems, as opposed to just theoretical
correctness issues. BUT... security is _not_ a place you can apply
that principle. A potential vuln _is_ exploitable unless you can
_prove_ otherwise. To treat it any other way is utterly irresponsible.

Rich





More information about the busybox mailing list