[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: untrusted translators
From: |
Neal H. Walfield |
Subject: |
Re: untrusted translators |
Date: |
Mon, 21 Mar 2005 09:31:36 +0000 |
User-agent: |
Wanderlust/2.10.1 (Watching The Wheels) SEMI/1.14.6 (Maruoka) FLIM/1.14.6 (Marutamachi) APEL/10.6 Emacs/21.3 (i386-pc-linux-gnu) MULE/5.0 (SAKAKI) |
At 20 Mar 2005 20:15:03 -0800,
Thomas Bushnell BSG wrote:
>
> Marcus Brinkmann <marcus.brinkmann@ruhr-uni-bochum.de> writes:
>
> > Following untrusted translators in the filesystem is a real security
> > hazard.
>
> Can you say more about a specific losing scenario? I did my level
> best to make sure that following translators doesn't give away any
> privs. What's the problem?
A simple example of problem is a translator with an infinite file
hierarchy. That can be done in the file system using finite space:
the root directory contains a directory, DIR, with inode #3, which
contains a directory, DIR, with inode #4, which contains a directory,
DIR with inode #5, etc. Any process trying to list this part of the
VFS will end up in an infinite loop. This would affect the program
which updates the locate database, users who run `find /', etc.
Re: heads up, Alfred M. Szmidt, 2005/03/21