I write:
>Just the minor comment about AFS /bin/login that it contains the same
>LD_LIBRARY_PATH hole that Sun just fixed. A minor security hole, but
>worth patching.
>program (i.e. /bin/sync). The bug has been discussed on usenet, and
>source code that gives the basic idea of how to fix it is in the recent
>CERT bulletin. Wietse Venema ([EMAIL PROTECTED]) wrote the patch.)
The program in the CERT bulletin can be used to close the security hole
until a patched /bin/login can be obtained from Transarc. To use this
"wrapper" program, suppose that the AFS login program is
"/usr/afsws/bin/login" mode 755 (no longer 4755). Then install the
following program as "/bin/login", mode 4755. It closes the
LD_LIBRARY_PATH hole.
Brian
(... again, just a user, not speaking for any RPI computing service)
/* Start of C program source */
/* Change the next line to reflect the full pathname
of the file to be protected by the wrapper code */
#define COMMAND "/usr/afsws/bin/login"
#define VAR_NAME "LD_"
main(argc,argv,envp)
int argc;
char **argv;
char **envp;
{
register char **cpp;
register char **xpp;
register char *cp;
for (cpp = envp; cp = *cpp;) {
if (strncmp(cp, VAR_NAME, strlen(VAR_NAME))==0) {
for (xpp = cpp; xpp[0] = xpp[1]; xpp++);
/* void */ ;
}
else {
cpp++;
}
}
execv(COMMAND, argv);
perror(COMMAND);
exit(1);
}
/* End of C program source */
