Subject: Re: vixie-crontab vunerable?
To: None <email@example.com>
From: Gordon W. Ross <firstname.lastname@example.org>
Date: 12/16/1996 16:15:25
> Date: Mon, 16 Dec 1996 21:06:00 +0000 (GMT)
> From: David Brownlee <email@example.com>
> X-Sender: firstname.lastname@example.org
> Reply-To: David Brownlee <email@example.com>
> Cc: firstname.lastname@example.org, email@example.com,
> Mime-Version: 1.0
> Content-Type: TEXT/PLAIN; charset=US-ASCII
> On Mon, 16 Dec 1996, Gordon W. Ross wrote:
> > > From: Bill Sommerfeld <firstname.lastname@example.org>
> > >
> > > Hmm. Anyone for producing a "libcsafe" which doesn't include:
> > >
> > > strcat
> > > strcpy
> > > sprintf
> > > gets
> > >
> > > and other "unsafe", but traditional, interfaces, and then linking all
> > > setuid system programs against it instead of libc?
> > You could also create a "libcsafe" that DOES include those functions,
> > and ONLY those, but where those functions all just call abort. You
> This feels wrong to me - you either want the program not to link
> at all, or to link and run. Having a program that links, then
> at some random time later aborts due to a little used code
> branch calling sprintf.... especially a daemon...
OK, good point. One could still do something similar though, by
providing non-function leaf routines that intentionally call some
non-existent function. For example,
extern void strcpy_should_not_be_defined(void);
char *strcpy(char *dst, char *src)
As long as the functions named "*_should_not_be_defined" are
indeed not defined, then your program will not link.
Again, this library would only be used with set*id programs...