This is the mail archive of the libc-hacker@cygnus.com mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

Re: Fwd: libc6 vulnerability


> Mail-Copies-To: never
> Cc: libc-hacker@cygnus.com
> From: Andreas Jaeger <aj@arthur.rhein-neckar.de>
> Date: 08 Feb 1999 09:04:55 +0100

> -  hconf_name = getenv (ENV_HOSTCONF);
> -  if (hconf_name == NULL)
> +  filename = getenv (ENV_HOSTCONF);
> +  if (filename != NULL && euidaccess (filename, R_OK) >= 0)

Don't do that.  It would create a race condition if `filename' was
actually a symbolic link that was changed between the euidaccess() and
the open().  Instead, use secure_getenv.

-- 
Geoffrey Keating <geoffk@ozemail.com.au>


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]