This is the mail archive of the libc-hacker@sourceware.cygnus.com mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]

Re: Universal "substitution"/"renaming" of open(2)

To: libc-hacker@cygnus.com
Subject: Re: Universal "substitution"/"renaming" of open(2)
From: tb@MIT.EDU (Thomas Bushnell, n/BSG)
Date: Thu, 30 Apr 1998 14:54:15 -0400
Cc: libc-hacker@gnu.org
Reply-To: libc-hacker@cygnus.com


Such an extended open is a serious security problem in setuid
programs, and has other disturbing implications too.  I agree that
it's a nifty hack, but I think that it needs more than just a few
lines of code to decide whether it will have more serious
repercussions.

References:
- Universal "substitution"/"renaming" of open(2)
  - From: oleg@pobox.com

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]