[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug #13381] infinite loop with -follow.
|
From: |
James Youngman |
|
Subject: |
[bug #13381] infinite loop with -follow. |
|
Date: |
Sun, 12 Jun 2005 21:05:46 +0000 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050517 Firefox/1.0.4 (Debian package 1.0.4-2) |
Update of bug #13381 (project findutils):
Severity: 3 - Normal => 6 - Security
Status: None => Fixed
Assigned to: None => jay
_______________________________________________________
Follow-up Comment #1:
NB: THIS BUG IS A SECURITY HOLE (denial of "updatedb" service by users,
possibly denial of service to security checks based on find). Please note the
list of affected versions of findutils.
The problem was introduced because safely_chdir() in find.c now sometimes
avoids needing to stat the destination directory, and so stat_buf was left
unpopulated. This problem is fixed by the attached patch, which has been
committed into the development code. The scope of the security problem
extends only to the indefinite loop, the problem does not result in users
being able to persuade find to process parts of the filesystem that should be
excluded.
Having said this, this bug only occurs if the "-L" option was used, which
normally should not be the case with any security checks - because they should
not follow symbolic links, in general.
The next release of findutils will include this fix. The NEWS file will
outline the severity of the problem.
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?func=detailitem&item_id=13381>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/