This is the mail archive of the libc-alpha@sourceware.cygnus.com mailing list for the glibc project.



Re: Possible pt_chown vulnerability


>>>>> Mark Kettenis writes:

Mark>    From: Florian Weimer <Florian.Weimer@rus.uni-stuttgart.de> 
Mark>    Date: 18 Jan 2000 12:31:46 +0100 

Mark>    Last summer, the following vulnerability was discussed on BUGTRAQ.  It
Mark>    never resulted in changes to glibc, and Andreas Jaeger told me that
Mark>    you weren't notified.

Mark> Well, Andreas is wrong (although I don't blame him for not
Mark> remembering), and the bug is already fixed.  The tricky part is that
Mark> no changes were made to login/programs/pt_chown.c itself.  Instead a
Mark> bug in ptsname() was fixed:

Thanks for looking it up.

Mark>    1999-08-25  Mark Kettenis  <kettenis@gnu.org>

Mark> 	   * sysdeps/unix/sysv/linux/ptsname.c: Add checks to make sure we're
Mark> 	   really dealing with a master pseudo terminal, and really returning
Mark> 	   the name of the associated slave pseudo terminal by checking the
Mark> 	   device number.


Mark> I believe this fix was already in glibc-2.1.2, but I'm not entirely
Mark> sure.
I've just checked it: The patch is in glibc 2.1.2.

Andreas
-- 
 Andreas Jaeger
  SuSE Labs aj@suse.de
   private aj@arthur.rhein-neckar.de
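
The kind of check the ChangeLog entry quoted above describes, as an added example that is not glibc's ptsname.c and not code from this thread: confirm the descriptor is a pty master, then confirm the returned path is a pty slave by its device number. It assumes Linux with Unix98 ptys (slave character majors 136..143); checked_slave_name and is_unix98_slave are hypothetical names.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <sys/sysmacros.h>
#include <unistd.h>

/* Assumption: Linux, where character majors 136..143 are Unix98 pty slaves. */
static int is_unix98_slave(const struct stat *st)
{
    return S_ISCHR(st->st_mode)
        && major(st->st_rdev) >= 136 && major(st->st_rdev) <= 143;
}

/* Hypothetical helper: write the slave path for master_fd into buf.
   Returns 0 on success, or an errno value when master_fd is not a pty
   master or the path does not name a pty slave device. */
int checked_slave_name(int master_fd, char *buf, size_t len)
{
    unsigned int ptn;
    struct stat st;

    /* TIOCGPTN is answered only by the Unix98 master side, so a
       regular file or pipe descriptor is rejected here. */
    if (ioctl(master_fd, TIOCGPTN, &ptn) < 0)
        return ENOTTY;
    if ((size_t)snprintf(buf, len, "/dev/pts/%u", ptn) >= len)
        return ERANGE;

    /* Do not trust the path alone: check the device number behind it
       before a privileged helper changes its owner or mode. */
    if (stat(buf, &st) < 0)
        return errno;
    return is_unix98_slave(&st) ? 0 : ENOTTY;
}

int main(void)
{
    char name[64];
    int fd = posix_openpt(O_RDWR | O_NOCTTY);
    int err = checked_slave_name(fd, name, sizeof name);

    printf("%s\n", err ? "rejected" : name);
    return 0;
}
```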
