Gentoo Archives: gentoo-user-es

From: Seemant Kulleen <seemant@g.o>
To: gentoo-announce@g.o, scoop@×××××××××.net
Subject: [gentoo-user-es] [gentoo-announce] GLSA: ppp
Date: Wed, 31 Jul 2002 09:30:18
- -----------------------------------------------------------------------
- -----------------------------------------------------------------------
PACKAGE         : ppp -- net dialup/point-to-point protocol
SUMMARY         : security vulnerability in symlink creation
DATE            : Wed Jul 31 14:29:24 UTC 2002
- -----------------------------------------------------------------------


A race condition exists in the pppd program that may be exploited
in order to change the permissions of an arbitrary file.


>From the FreeBSD report:
The file specified as the tty device is opened by pppd, and the permissions are recorded. If pppd fails to initialize the tty device in some way (such as a failure of tcgetattr(3)), then pppd will then attempt to restore the original permissions by calling chmod(2). The call to chmod(2) is subject to a symlink race, so that the permissions may `restored' on some other file. The full advisory may be found here: SOLUTION It is recommended that all Gentoo Linux users who are running net-dialup/ppp-2.4.1-r9 and earlier update their systems as follows. emerge rsync emerge ppp - ------------------------------------------------------------------------ aliz@g.o seemant@g.o drobbins@g.o - ------------------------------------------------------------------------ -- Seemant Kulleen Developer and Project Co-ordinator, Gentoo Linux _______________________________________________ gentoo-announce mailing list gentoo-announce@g.o