Subject: Re: CRITICAL ** Holes in default cron jobs ** CRITICAL
To: None <firstname.lastname@example.org>
From: Giles Lean <email@example.com>
Date: 12/30/1996 12:23:12
On Sun, 29 Dec 1996 17:32:36 -0500 "Perry E. Metzger" wrote:
> > OpenBSD has added -print0 to find(1) and -0 to xargs(1), based on
> > the...
> > Anyone want a re-written /etc/security that uses these?
> It won't do a damn bit of good, as it has nothing to do with the
> security problem.
I wonder if we're talking about the same things?
There were two holes in the original advisory:
1. shell metacharacter vulerability of 'ls ... | sh' code
This can be fixed by using 'find ... -print0 | xargs -0 ls ...',
but the current NetBSD find and xargs programs don't support these
I have made this change here and my previous exploit doesn't even
cause a hiccup anymore.
2. insecure temporary files
As noted in various places mkdir is atomic, so creating a directory
to store temporary files in (after umask has been reset) is safe if
Happy New Year,