Date: Wed, 5 Feb 1997 19:55:52 +0300 (MSK)
From: Vadim Kolontsov <vadim@tversu.ac.ru>
To: Guido van Rooij <Guido.vanRooij@nl.cis.philips.com>
Cc: Joe Greco <jgreco@solaria.sol.net>, joerg_wunsch@uriah.heep.sax.de, core@freebsd.org, security@freebsd.org, jkh@freebsd.org
Subject: Re: 2.1.6+++: crt0.c CRITICAL CHANGE
Message-ID: <Pine.NEB.3.95.970205194827.25582A-100000@mailserv.tversu.ac.ru>
In-Reply-To: <199702051501.QAA01260@bsd.lss.cp.philips.com>

On Wed, 5 Feb 1997, Guido van Rooij wrote:

> > > You can use the lfix program to do so. It was posted by a Russian guy,
> > > whose name I forgot. I added a fix so it can actually do the complete
> > > filesystem in one sweep. Basically it patches the binary to replace
> > > the above call by nops.
> >
> > PERFECT!!! We have a solution :-) (this was the most worrisome security
> > hole, the smaller ones like talkd could be "patched" much more easily).
>
> Before everyone starts singing `Hallelujah', let me state first that
> this does not solve everything. At runs a setlocale() itself, so
> it is still vulnerable. Further, it will not solve the problem for ppl
> that actually NEED the locale stuff....

Yes, but why not use lfix only for static binaries? I can add a check for
whether a binary is statically or dynamically linked. Also, we can include a
patched and recompiled version of libc in the archive.

Of course, the problem with _static_ binaries which use setlocale()
_by themselves_ still exists... these binaries need recompilation... any ideas?
Are there any such programs in the FreeBSD distribution?

Vadim.
--------------------------------------------------------------------------
Vadim Kolontsov
SysAdm/Programmer
Tver Regional Center of New Information Technologies
Networks Lab