Date: Sun, 7 Mar 1999 01:41:25 +0100
From: Michal Zalewski

Midnight Commander 4.x bugs (x2)

Still not fixed. Temporary files mc are created in insecure way, allowing
typical races. Also, entering directories containing $(...) somewhere
might result in execution of embedded code.

Described days ago, dunno why it hasn't been patched.

_______________________________________________________________________
Michal Zalewski [lcamtuf@ids.pl] [link / marchew] [dione.ids.pl SYSADM]
[Marchew Industries] ! [http://lcamtuf.na.export.pl] bash$ :(){ :|:&};:
[voice phone: +48 (0) 22 813 25 86] ? [pager (MetroBip): 0 642 222 813]
To iterate is human, to recurse divine [P. Deutsch]

---------------------------------------------------------------------------

Date: Mon, 5 Apr 1999 13:00:14 -0500
From: Miguel de Icaza
To: BUGTRAQ@netspace.org
Subject: Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight Commander (x2)

> 7. Midnight Commander 4.x bugs (x2)
>
> Still not fixed. Temporary files mc are created in insecure way, allowing
> typical races. Also, entering directories containing $(...) somewhere
> might result in execution of embedded code.

4.x barely tells me anything. Code in the 4.x can mean anything in the
last 18 months.

There are two major code versions:

    4.1.xx: old, stable
    4.5.xx: new, stable

I do not know of any problems in 4.5.xx. The code does take appropriate
steps to work around those problems.

> Described days ago, dunno why it hasn't been patched.

You might have described that to your shrink, or perhaps a frog sitting
on a rock, but I never saw any detailed bug reports about this.

miguel.

---------------------------------------------------------------------------

Date: Mon, 8 Mar 1999 02:37:18 +0100
From: Michal Zalewski

> 7. Midnight Commander 4.x bugs (x2)

While Miguel de Icaza claims there's no known bugs in mc, Pavel Machek
confirmed that there are still not fixed races.

---------------------------------------------------------------------------

Date: Fri, 9 Apr 1999 14:17:17 +0200
From: Pavel Machek
To: BUGTRAQ@netspace.org
Subject: Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight Commander (x2)

Hi!

> > 7. Midnight Commander 4.x bugs (x2)
>
> While Miguel de Icaza claims there's no known bugs in mc, Pavel Machek
> confirmed that there are still not fixed races.

I checked out cvs of mc today, and races are gone. Owen Taylor did the
work. Are there any more problems in midnight you know of?

Pavel
--
The best software in life is free (not shareware)! Pavel
GCM d? s-: !g p?:+ au- a--@ w+ v- C++@ UL+++ L++ N++ E++ W--- M- Y- R+

---------------------------------------------------------------------------

Date: Sat, 10 Apr 1999 17:27:33 +0200
From: Luca Berra
To: BUGTRAQ@netspace.org
Subject: Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight Commander (x2)

On Fri, Apr 09, 1999 at 02:17:17PM +0200, Pavel Machek wrote:
> Hi!
>
> > > 7. Midnight Commander 4.x bugs (x2)
> >
> > While Miguel de Icaza claims there's no known bugs in mc, Pavel Machek
> > confirmed that there are still not fixed races.
>
> I checked out cvs of mc today, and races are gone. Owen Taylor did the
> work. Is there any more problems in midnight you know of?
>

Yup, most of the vfs shell scripts sux,
i.e.: many contain things like '> $3' unquoted.
The mc.sh example script is a perfect example of how a script should
not be written ($RANDOM is not at all a safe way to generate temporary
file names).

I tried to patch whatever I found; all my patches to mc, if anyone cares,
can be found at http://www.comedia.it/bluca/mc/

Regards,
Luca

--
Luca Berra -- bluca@comedia.it
CoMedia s.r.l.

---------------------------------------------------------------------------

Date: Sun, 11 Apr 1999 14:56:36 -0500
From: Miguel de Icaza
To: BUGTRAQ@netspace.org
Subject: Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight Commander (x2)

> Yup, most of the vfs shell scripts sux
> i.e.: many contain things like '> $3' unquoted.

Ok, at least this bit has been fixed in 4.5.30 thanks to Owen Taylor.

The mc.sh sample code is still broken. I will look at your patches
and integrate new things.

Miguel.
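
The two script problems named in the thread (an unquoted '> $3' and temporary names built from $RANDOM), shown next to a hardened form. This is an added example, not code from mc or from any poster's patches; safe_copyout, run_demo and the sample file names are hypothetical and constructed.

```shell
#!/bin/sh
# Added example; safe_copyout, run_demo and all sample names are hypothetical.
#
# Weak forms it replaces (comments only, never executed):
#   tmp=/tmp/mc.$RANDOM    # guessable name, not created atomically
#   cat $1 > $3            # unquoted: word-split, globbed or rejected

# safe_copyout SRC DEST: copy SRC to DEST through a private scratch file.
safe_copyout() {
    src=$1
    dest=$2
    # mktemp chooses an unpredictable name and creates the file exclusively,
    # so a file or symlink planted in the temp directory is never reused.
    scratch=$(mktemp "${TMPDIR:-/tmp}/copyout.XXXXXX") || return 1
    # Every expansion is quoted, so spaces, globs and $(...) in a name stay
    # data; "--" keeps a name starting with "-" from being read as an option.
    if cat -- "$src" > "$scratch" && cp -- "$scratch" "$dest"; then
        rc=0
    else
        rc=1
    fi
    rm -f -- "$scratch"
    return "$rc"
}

# run_demo: exercise safe_copyout on constructed, hostile-looking names
# inside a throwaway sandbox. Sets SANDBOX and HOSTILE for inspection.
run_demo() {
    SANDBOX=$(mktemp -d "${TMPDIR:-/tmp}/demo.XXXXXX") || return 1
    HOSTILE='dir $(touch PWNED) * name'   # constructed sample name
    mkdir "$SANDBOX/tmp" "$SANDBOX/$HOSTILE" || return 1
    printf 'payload\n' > "$SANDBOX/src file" || return 1
    (
        cd "$SANDBOX" || exit 1
        TMPDIR=$SANDBOX/tmp
        export TMPDIR
        safe_copyout "src file" "$HOSTILE/out file"
    )
}

if run_demo; then
    echo "copied to: $SANDBOX/$HOSTILE/out file"
    # No PWNED file appears and the scratch directory is empty again.
    ls -A "$SANDBOX" "$SANDBOX/tmp"
fi
```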