Mailinglist Archive: opensuse-bugs (7294 mails)
| < Previous | Next > |
[Bug 372070] AUDIT-0: open-vm-tools: suid binary
- From: bugzilla_noreply@xxxxxxxxxx
- Date: Thu, 19 Mar 2009 07:41:07 -0600 (MDT)
- Message-id: <20090319134107.0FBED24550E@xxxxxxxxxxxxxxxxxxxxxx>
https://bugzilla.novell.com/show_bug.cgi?id=372070
User thomas@xxxxxxxxxx added comment
https://bugzilla.novell.com/show_bug.cgi?id=372070#c12
--- Comment #12 from Thomas Biege <thomas@xxxxxxxxxx> 2009-03-19 07:41:04 MST
---
1.)
main() is vulnerable to a race condition as it seems and mount() would use an
arbitrary traget dir.
mntRes = mount(shareName, mountPoint, HGFS_NAME, flags, &mountInfo); // XXX
tom: mountPoint can be replaced after checks above are passed!
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
User thomas@xxxxxxxxxx added comment
https://bugzilla.novell.com/show_bug.cgi?id=372070#c12
--- Comment #12 from Thomas Biege <thomas@xxxxxxxxxx> 2009-03-19 07:41:04 MST
---
1.)
main() is vulnerable to a race condition as it seems and mount() would use an
arbitrary traget dir.
mntRes = mount(shareName, mountPoint, HGFS_NAME, flags, &mountInfo); // XXX
tom: mountPoint can be replaced after checks above are passed!
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
| < Previous | Next > |