Date: Wed, 1 Jul 1998 00:42:10 +2500
From: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
To: BUGTRAQ@NETSPACE.ORG
Subject: Environment variables (SECURITY: too many new packages)
Bugtraq readers who haven't been following the Linux security audit
project (from whence most of the Red Hat fixes came - and other vendors
will I assume be issuing identical updates) might like to take a look
at how their own OS handles pointing the following at files only root
can read and running setuid apps. (or setgid usage in some cases such as
Mutt)
TZ
TERMINFO
TERMCAP
There are lots of files which when read do 'interesting' things, and termcap
in paticular is fun because it tends to read the entire floppy/tape/memory
etc before it gives up.
This raises another related question. Has anyone ever tried to build the
complete list of environment influenced file opens in not just libc but
all the supporting libraries in unix systems ?
A PS item btw: 2.0.35pre3 fixes the bug reported with SIGIO, and it should
be out as 2.0.35 proper RSN - 2.0.35pre3 is a release candidate. We hadn't
planned on a 2.0.35 release quite that soon but such is life.
Alan
