This is the mail archive of the libc-alpha@sourceware.cygnus.com mailing list for the glibc project.
Re: Possible pt_chown vulnerability
- To: Florian dot Weimer at rus dot uni-stuttgart dot de
- Subject: Re: Possible pt_chown vulnerability
- From: Mark Kettenis <kettenis at wins dot uva dot nl>
- Date: Tue, 18 Jan 2000 14:33:29 +0100 (MET)
- CC: libc-alpha at sourceware dot cygnus dot com

   From: Florian Weimer <Florian.Weimer@rus.uni-stuttgart.de>
   Date: 18 Jan 2000 12:31:46 +0100

   Last summer, the following vulnerability was discussed on BUGTRAQ. It
   never resulted in changes to glibc, and Andreas Jaeger told me that
   you weren't notified.

Well, Andreas is wrong (although I don't blame him for not
remembering), and the bug is already fixed. The tricky part is that
no changes were made to login/programs/pt_chown.c itself. Instead a
bug in ptsname() was fixed:

   1999-08-25  Mark Kettenis  <kettenis@gnu.org>

       * sysdeps/unix/sysv/linux/ptsname.c: Add checks to make sure we're
       really dealing with a master pseudo terminal, and really returning
       the name of the associated slave pseudo terminal by checking the
       device number.

I believe this fix was already in glibc-2.1.2, but I'm not entirely
sure.
Mark