[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV Re: ...vulnerability in Lynx...
|
From: |
Matthew Kelly |
|
Subject: |
Re: LYNX-DEV Re: ...vulnerability in Lynx... |
|
Date: |
Thu, 8 May 1997 11:57:37 -0400 (EDT) |
On Thu, 8 May 1997, Alan Cox wrote:
>> each other, not as a (FILE *). Modifying this would require some major
>> restructuring. The "security" of mkstemp() seems to rely on files
>> being passed as open FILE pointers, and filenames not being reused. (Of
>> course I may be missing something obvious here...)
>
>Indeed. In that case you need to plonk the temporary files into ~me/.lynx/cache
Not every system has room in the user directories for all the lynx cache
files. On this system quotas on the home filesystem range between 1/5 meg
to 2megs and I don't see these as being very low numbers on large
multiuser systems -- probably quite common in settings like schools, etc
where lynx may be offered.
I don't think there's any way around a /tmp directory that doesn't have
the sticky bit set. There isn't any monkeying that we can do to prevent
the file from being moved/deleted unless the admin sets sticky. Perhaps
the only thing we should do is present a warning message if the temp dir
does not have appropriate permissions set (ie sticky if world writeable)
that tells them either
(1) contact their admin to set sticky on the temp
dir and provide a URL to give the admin for more info on the problem
or (2) run lynx using their homedir as the temp space.
I don't this Lynx is the problem here -- a non-sticky /tmp causes problems
down to the OS (eg ps_data race condition on Solaris -- fixed by Sun by
making /tmp sticky). Lets not change our default behaviour, but advise
the user when running in an insecure situation.
my thoughts...
Matt
>
>Now that is a tiny modification and one that we can get into lynx-2.7.2 and
>have that version up and done before the CERT advisory comes out and has
>everyone deleting lynx off public machines.
>
>Moving it to the home directory is nice and simple and if it can be done
>in under a week or so it is a golden opportunity to get people to upgrade.
>Many many people will see the CERT advisory, including sysadmins with 2.4,
>2.5 and other prehistoric releases.
------------------------------------------------------------------------------
Matthew Kelly
address@hidden
;
; To UNSUBSCRIBE: Send a mail message to address@hidden
; with "unsubscribe lynx-dev" (without the
; quotation marks) on a line by itself.
;
- RE: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], (continued)
- RE: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Brian Tillman, x8425, 1997/05/07
- Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Scott McGee (Personal), 1997/05/07
- Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Larry W. Virden, x2487, 1997/05/07
- LYNX-DEV Re: ...vulnerability in Lynx..., Klaus Weide, 1997/05/07
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Alan Cox, 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Jim Spath (Webmaster Jim), 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Alan Cox, 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Jim Spath (Webmaster Jim), 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Jonathan Sergent, 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Alan Cox, 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx...,
Matthew Kelly <=
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Larry W. Virden, x2487, 1997/05/08
Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Foteos Macrides, 1997/05/07
Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Brian Tillman, x8425, 1997/05/08
Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Scott McGee (Personal), 1997/05/08