From: Ole Tange
Subject: GNU Parallel Security Advisory: GNU Parallel can be tricked into overwriting a file
Date: Thu, 23 Apr 2015 02:43:45 +0200

Short Summary
-------------
GNU Parallel can be tricked into overwriting a file owned by the user
running GNU Parallel.

Published: 2015-04-22
Remote: No
Local: Yes
Ease: No exploits available - requires precise timing

Impact
------
A local attacker can exploit this issue to overwrite a file with a
one byte file.

Technical Description
---------------------
The vulnerability lies in the way GNU Parallel creates temporary
files while also trying to remove them as soon as possible, so that
if GNU Parallel is stopped there will be no temporary files to clean up.

So far this has been done by creating a temporary file and removing it
immediately. For some tasks the file will be recreated and removed at a
later stage. It is this last part that makes GNU Parallel vulnerable:
If an attacker sees the temporary file being created and then
removed, he has 15 ms to create a symlink with the same name pointing
to a file owned by the user. If the file is then recreated, the write
follows the symlink and overwrites the user's file.

GNU Parallel is vulnerable when using --pipe, --tmux, --cat, --fifo,
or --compress.

The problem has been fixed for most situations, but it still exists
for: --tmux if run locally, and --cat, --fifo if run remotely using
--sshlogin. For remote situations the time window is longer than 15
ms: The attacker will be able to see the ssh command being sent on the
client, and will then be able to create the file on the server while
the ssh connection is being established.
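
The create, remove, re-create sequence described above, as an added example that is not GNU Parallel's code and not part of the original advisory. It runs entirely inside a private sandbox directory, uses constructed file names, and contrasts re-creating the file by name with an exclusive create (`O_CREAT|O_EXCL`), which is one common hardening and is assumed here, not taken from the 20150422 fix:

```python
import os
import tempfile


def recreate_naive(path):
    """Re-create a temp file by name. open() follows a symlink at that name."""
    with open(path, "w") as f:
        f.write("x")  # one byte, matching the impact stated in the advisory


def recreate_exclusive(path):
    """Re-create a temp file only if nothing, not even a symlink, has the name."""
    # O_CREAT|O_EXCL fails with EEXIST when the name exists and never
    # follows a symlink in the final path component.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write("x")


def demo():
    """Return [(victim_content, refused)] for the naive and exclusive variants."""
    results = []
    with tempfile.TemporaryDirectory() as sandbox:  # private dir, mode 0700
        victim = os.path.join(sandbox, "victim.txt")   # constructed name
        tmp = os.path.join(sandbox, "par-example.tmp")  # constructed name
        for recreate in (recreate_naive, recreate_exclusive):
            with open(victim, "w") as f:
                f.write("important data")
            # 1. Temp file is created and removed immediately.
            open(tmp, "w").close()
            os.unlink(tmp)
            # 2. Stand-in for the race window: the name is now a symlink.
            os.symlink(victim, tmp)
            # 3. The program re-creates the temp file under the same name.
            try:
                recreate(tmp)
                refused = False
            except FileExistsError:
                refused = True
            with open(victim) as f:
                results.append((f.read(), refused))
            os.unlink(tmp)  # removes the symlink itself, not the victim
    return results


if __name__ == "__main__":
    for content, refused in demo():
        print(f"victim={content!r} refused={refused}")
```
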

Solutions
---------
Upgrading to 20150422 will fix most situations.

For the remaining situations there are the following work-arounds. Any
of these will protect against the attack:

* Let --tmpdir/$TMPDIR point to a dir that is only writable by the user
* Do not use --tmux
* Do not use --cat or --fifo when also using --sshlogin
* Do not use a system shared with attackers

If an upgrade is impossible, any of these work-arounds will guard
against an attack:

* Let --tmpdir/$TMPDIR point to a dir that is only writable by the user
* Do not use --tmux
* Do not use --cat or --fifo or --pipe or --compress
* Do not use a system shared with attackers

Vulnerable Systems
------------------
Any system running GNU Parallel 20101222 <= version < 20150422 is vulnerable.
