Date: Fri, 14 Mar 1997 23:49:29 +0100 From: j@uriah.heep.sax.de (J Wunsch) To: schneider@zib.de (Wolfram Schneider) Cc: committers@freebsd.org, security@freebsd.org Subject: Re: ktrace security problem Message-ID: <19970314234929.RN36549@uriah.heep.sax.de> In-Reply-To: <199703141959.UAA09558@soft13.zib.de>; from Wolfram Schneider on Mar 14, 1997 20:59:03 %2B0100 References: <199703141959.UAA09558@soft13.zib.de>
next in thread | previous in thread | raw e-mail | index | archive | help
As Wolfram Schneider wrote:
> Now the user wosch (I) can read all information from sendmail ;-(
> IMHO ktrace should not overrides foreign ktrace.out files.
Somebody please review this:
cvs diff: Diffing /ktrace
Index: ktrace/ktrace.c
===================================================================
RCS file: /home/ncvs/src/usr.bin/ktrace/ktrace.c,v
retrieving revision 1.8
diff -u -u -r1.8 ktrace.c
--- ktrace.c 1997/02/22 19:55:27 1.8
+++ ktrace.c 1997/03/14 22:47:09
@@ -72,6 +72,7 @@
int append, ch, fd, inherit, ops, pid, pidset, trpoints;
char *tracefile;
mode_t omask;
+ struct stat sb;
clear = NOTSET;
append = ops = pidset = inherit = 0;
@@ -140,8 +141,12 @@
}
omask = umask(S_IRWXG|S_IRWXO);
- if ((fd = open(tracefile, O_CREAT | O_WRONLY | (append ? 0 : O_TRUNC),
- DEFFILEMODE)) < 0)
+ if (append) {
+ if (stat(tracefile, &sb) == 0 && sb.st_uid != getuid())
+ errx(1, "Refuse to append to tracefile not owned by you");
+ } else if (unlink(tracefile) == -1 && errno != ENOENT)
+ err(1, "Cannot unlink old tracefile");
+ if ((fd = open(tracefile, O_CREAT | O_WRONLY, DEFFILEMODE)) < 0)
err(1, tracefile);
(void)umask(omask);
(void)close(fd);
--
cheers, J"org
joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE
Never trust an operating system you don't have sources for. ;-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19970314234929.RN36549>