Message-ID: <20171106211432.pfwrhchhbrncqggo@jwilk.net>
Date: Mon, 6 Nov 2017 22:14:32 +0100
From: Jakub Wilk <jwilk@...lk.net>
To: oss-security@...ts.openwall.com
Subject: Re: Security risk of vim swap files

* Solar Designer <solar@...nwall.com>, 2017-11-06, 21:00:
>I don't know what state glibc was in with regard to honoring, ignoring,
>or unsetting TMPDIR in SUID programs in 1998-1999.

glibc's tempnam() did inadvertently honor TMPDIR in setuid/setgid programs, but the bug was fixed in 1996:
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=d68171edce96cb59b5cb869f6a82afcc50db00be

In 2000, glibc started unsetting TMPDIR in such programs:
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=74955460c5b9f23d7783395ce2478f5b7c5fd876

Curiously, Hurd implementation of tmpfile() seems to honor TMPDIR:
https://sourceware.org/git/?p=glibc.git;a=blob;f=sysdeps/mach/hurd/tmpfile.c;h=8bcfb81a104f37f271b18fe2eea3d40f7d101634;hb=HEAD#l40

--
Jakub Wilk