Bugtraq: Re: Serious Linux 2.0.34 security problem

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Serious Linux 2.0.34 security problem

From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Wed, 1 Jul 1998 17:07:15 +0100

  fcntl(0,F_SETOWN,p);
  s = fcntl(0,F_GETFL,0);
  fcntl(0,F_SETFL,s|O_ASYNC);
  printf("Sending SIGIO - press enter.\n");
  getchar();
  fcntl(0,F_SETFL,s&~O_ASYNC);
  printf("SIGIO send attempted.\n");
  return 0;
}


Well, that looks like one of the class of security problems described
by www.openbsd.org/advisories/signals.  Hasn't anyone else fixed those
problems yet?


Of course Theo if you actually bothered to look back at the Linux sources
you'd see thats an error that crept in and we had SIGIO right way before
the old advisories that predate OpenBSD.

Alan

By Date By Thread

Current thread:

Re: Serious Linux 2.0.34 security problem Theo de Raadt (Jun 30)
- Re: Serious Linux 2.0.34 security problem Alan Cox (Jul 01)
- 1998 USENIX Annual Technical Conference - Call for Papers Jackson Dodd (Jul 01)
- <Possible follow-ups>
- Re: Serious Linux 2.0.34 security problem Liviu Daia (Jul 01)