Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

CWE-732 Exploit Pervasive in Perl (and probably perl) 4 Comments More | Login | Reply /

 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.

  • when reading a critical file (config files, modules, etc) you should always check the file permissions to be sure that nobody could possibly have modified it.

    How does that help? If an attacker has permission to change the contents of a config file then they may well have permission to chmod it back to 644 afterwards, surely?

    Further, checking the permissions with stat() and then reading the file introduces a race condition, and so does reading it first and then statting.

    Some programs like OpenSSH or Apa

    --
    -- Ed Avis ed@membled.com
    • > Further, checking the permissions with stat() and then reading the file introduces a race condition, and so does reading it first and then statting.

      You can open a file, and then stat the file handle...

      • You can open a file, and then stat the file handle...

        Doesn't help. The permissions can be changed after you stat and while you still have the file open.

        --
        -- Ed Avis ed@membled.com
        • It closes, not the case of its permissions changing, but of statting and reading different files, because the file (in a writable directory, like /tmp) got renamed in the interim.

          A tighter permission check, reasonably cheap: fstat, read, fstat again and check nothing but access time has changed.

Stories, comments, journals, and other submissions on use Perl; are Copyright 1998-2006, their respective owners.