Re: Upcoming FreeBSD Security Advisory

看板FB_security作者時間16年前 (2009/12/02 02:01), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串13/17 (看更多)
http://twitter.com/spendergrsec/status/6223864530 http://xorl.wordpress.com/2009/12/01/freebsd-ld_preload-security-bypass/ On 12/1/09, Sean C. Farley <scf@freebsd.org> wrote: > On Tue, 1 Dec 2009, Dan Lukes wrote: > >> Dag-Erling Sm=F8rgrav napsal/wrote, On 12/01/09 14:12: >>> As to the second: yes, 6.1 is most likely affected. >> >> Probably no. >> >> The older algorithm used in 6.1 looks like >> ----------------- >> if (trusted) { >> variable =3D getenv(NAME); >> .... >> ----------------- >> >> The affected algorithm looks like: >> ----------------- >> if (!trusted) { >> unsetenv(NAME); >> ... >> }; >> variable =3D getenv(NAME); >> ----------------- >> >> As far as I know such change has been MFCed into 6.3, 6.4, 7.x but not >> into 6.1. So 6.1 should not be affected by this bug (but remain >> vulnerable to problem that triggered the change of old algorithm to >> new). > > That is correct. 6.x should not be affected. The security issue exists > with the combination of the getenv() to unsetenv() change in rtld.c and > the addition of the new env code. The unsetenv() in 6.x would not stop > if environ was corrupted. > > Sean > -- > scf@FreeBSD.org _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 oliver. 的文章
文章代碼(AID): #1B5Ldcom (FB_security)
討論串 (同標題文章)
完整討論串 (本文為第 13 之 17 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共17篇)
更多 oliver. 的文章
文章代碼(AID): #1B5Ldcom (FB_security)