mailing list archives
joe 2.8 makes world-readable DEADJOE
From: trevor () JPJ NET (Trevor Johnson)
Date: Sat, 17 Jul 1999 05:06:06 -0400
I'm just guessing about the Debian version above.
I recently started using a new editor called joe, with this editor there is
a feature that if your existing session is terminated, it creates a DEADJOE
in the directory. While editing my shadow file my connection was
terminated, thus leaving the DEADJOE in my /etc directory that was world
readable containing my entire shadow file. I think the problem is self
explanitory. I have emailed the creator and there is no feature to disable
this that I can find or mentioned in the email. My umask setting does not
seem to affect the permissions of DEADJOE.
The operating system is Debian Linux 2.1 kernel 2.2.10 i386.
How-To-Repeat: use joe to edit a file, then kill -HUP its process.
I was able to reproduce this with joe 2.8 under Red Hat
6.0, with either Red Hat's -18 patches or the
FreeBSD-current patches applied, so it looks like FreeBSD
is probably vulnerable too.
Fix: here's a patch against the pristine source, only tested on Red Hat.
--- b.c.orig Fri Jan 20 00:38:25 1995
+++ b.c Sat Jul 17 01:54:09 1999
@@ -21,6 +21,7 @@
@@ -1990,6 +1991,7 @@
+ mode_t mask=umask (077); /* no access to DEADJOE for others */
fprintf(f,"\n*** Modified files in JOE when it aborted on %s",ctime(&tim));
if(sig) fprintf(f,"*** JOE was aborted by signal %d\n",sig);
[LoWNOISE] Lotus Domino ET LoWNOISE (Jul 10)
- Re: L0pht 'Domino' Vulnerability is alive and well, (continued)
- (no subject) sbr (Jul 14)
- joe 2.8 makes world-readable DEADJOE Trevor Johnson (Jul 17)
- Re: your mail hal (Jul 19)