[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Multiple OS kernel insecure handling of stdio file descriptor

To: "'eugeny gladkih'" <john@xxxxxxxxx>, "'Shiva Persaud'" <shivapd@xxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Multiple OS kernel insecure handling of stdio file descriptor
From: "Michele Cicciotti" <mc@xxxxxxxxxx>
Date: Sun, 21 Jan 2007 00:53:53 +0100

>  SP> The AIX Security Team can be reached at security-alert@xxxxxxxxxxxxxxx
>  SP> We have investigated this issue and AIX is not affected. A privileged
>  SP> process will not inherit closed file descriptors for stdio, stdout and
>  SP> stderr.
> well, but what is used for stdout if it's closed in the parent
> process just before fork(2) call?!

I don't know what's the case for AIX, but the typical fix for this 
vulnerability is to reopen stdout and stderr to /dev/null for setuid processes

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Multiple OS kernel insecure handling of stdio file descriptor
  - From: XFOCUS Security Team
- Re: [Full-disclosure] Multiple OS kernel insecure handling of stdio file descriptor
  - From: Shiva Persaud

Prev by Date: Re: [Full-disclosure] code release: cryptographic attack tool
Next by Date: Re: [Full-disclosure] Major gcc 4.1.1 and up security issue
Previous by thread: Re: [Full-disclosure] Multiple OS kernel insecure handling of stdio file descriptor
Next by thread: Re: [Full-disclosure] Multiple OS kernel insecure handling of stdio file descriptor
Index(es):
- Date
- Thread