This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/17897] Multiple 'Dynamic Stack Allocations' in security point of view
- From: "joseph at codesourcery dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Thu, 29 Jan 2015 17:16:47 +0000
- Subject: [Bug libc/17897] Multiple 'Dynamic Stack Allocations' in security point of view
- Auto-submitted: auto-generated
- References: <bug-17897-131 at http dot sourceware dot org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=17897
--- Comment #4 from joseph at codesourcery dot com <joseph at codesourcery dot com> ---
On Thu, 29 Jan 2015, max at cxib dot net wrote:
> > (Unbounded stack allocations are considered bugs whether or not they cross
> > privilege boundaries, but are only security issues where a privilege
> > boundary is plausibly crossed.)
> >
>
> a application crash cannot be considered as a possible DoS?
It's only a security issue if the data causing the crash is plausibly
controlled by someone less-privileged than the user running the
application.
For example, if an application crashed somewhere in glibc as a result of a
1MB line in /etc/passwd, that would be a bug in glibc, but because you
need to be privileged to put that line in /etc/passwd in the first place,
that's not a security issue. But if it's caused by data that might
plausibly be untrusted (a privileged process accessing user files, or data
received from the network, etc.), then that's a security issue.
https://sourceware.org/glibc/wiki/Security%20Process
discusses in more detail what's considered a security issue.
--
You are receiving this mail because:
You are on the CC list for the bug.