[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

MiNT 1.09 patch: unifs security

To: benni@phil15.uni-sb.de (Benjamin Lorenz)
Subject: MiNT 1.09 patch: unifs security
From: Torsten Scherer <itschere@TechFak.Uni-Bielefeld.DE>
Date: Wed, 1 Dec 93 9:04:38 +0100
Cc: mint@atari.archive.umich.edu
Reply-to: itschere@TechFak.Uni-Bielefeld.DE
Sender: itschere@TechFak.Uni-Bielefeld.DE

Hi Benni!

 Just like you said, really everyone is allowed to delete links on the
unifs, cause the ownership simply isn't checked, despite the filesystem
does support an uid for a link. I'm not sure if that's worth a lot changes
cause I doubt anyone would really need an XATTR on the unifs, well, perhaps
it should also provide a gid field to make it look better in those cases,
but then, it might be a bad idea to make the root directory itself writeable
by any other user. Anyway, here's a quick patch which should do fine for now:

--- orig/unifs.c	Fri Nov 19 15:34:52 1993
+++ my/unifs.c	Wed Dec  1 08:45:56 1993
@@ -268,6 +268,7 @@
 	while (u) {
 		if (!strncmp(u->name, name, NAME_MAX)) {
 			if ( (u->mode & S_IFMT) != S_IFLNK ) return EFILNF;
+			if (u->dev != curproc->euid) return EACCDN;
 			kfree(u->data);
 			if (lastu)
 				lastu->next = u->next;

so long,
TeSche
---
PS: If the above written looks weird, then that's probably because it _is_.
WhoDunnIt: Torsten Scherer (Schiller, Tesche, ...)
Where: Faculty of Technology, University of Bielefeld, Germany
EMail: itschere@techfak.uni-bielefeld.de / tesche@hrz.uni-bielefeld.de

Next by Date: Re: two bugs fixed in ramfs 1.4
Next by thread: Re: two bugs fixed in ramfs 1.4
Index(es):
- Date
- Thread