derp, strike the part about steve wray v jeff walton; everything else remains valid.
On Fri, Sep 13, 2013 at 3:28 PM, Jeffrey Walton <[email protected]> wrote: > On Fri, Sep 13, 2013 at 2:45 PM, <[email protected]> wrote: >> On Thu, 12 Sep 2013 18:23:53 -0400, Jeffrey Walton said: >> >>> They ignored my comments on fixed size arrays based on MAX_PATH and >>> the subsequent overflows and silent truncations due to use of sprintf >>> and snprintf.... >> >> Which "they" was it? >> >> If you're referring to this: >> >> http://comments.gmane.org/gmane.comp.security.selinux/16844 > There were many more than just that one. > >> Note that the guy you were replying to was a Japanese software engineer >> employed by NEC. If you want to argue the guy was an NSA plant trying to >> get a >> backdoor in, feel free. But don't expect to be taken seriously without some >> additional evidence. > The code was accepted into the project >> And it counted as "underhanded", how, exactly? > I did not claim that. > >> In other words - under what conditions can you make a truncation to MAX_PATH >> cause an actual hole? And to count as "underhanded" rather than merely >> "buggy", >> you'd need at least a whiff of evidence that it was intentional. > What's the difference if its exploitable in practice? > > There's no need to consciously add backdoors when developers are > checking in shit code. They serve the same purpose add add a level of > deniability. > >> Or as Kohei replied to you: >> >> "The selinux_mnt is not a variable given by external one, unless >> application does not update it by itself. >> >> It is not difficult to modify this part to return ENAMETOOLONG >> when snprintf() returns larger or equal with PATH_MAX." >> >> In the Linux community, this would count as '-ENOPATCH', as I'm not >> finding where you ever submitted a patch to fix the issue. > The more eyes the better, right.... > > Crowd sourcing security is a myth. > > Jeff > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
