[torquedev] Liblog chk_file_sec() function bugs

Vinod KV vinodkv at yahoo-inc.com
Mon Oct 1 07:56:54 MDT 2007


James Erickson wrote:
> I'm not sure if this is exactly the right place for reporting this bug so if
> not please point me in the right direction.
>
> file: src/lib/Liblog/chk_file_sec.c
> function: chk_file_sec()
>
> It's not that important of a function but it probably needs a rewrite or
> removal. It should not fail if a parent directory allows other users write
> access. There is also a trivial buffer overflow where sprintf is used
> because it's only allocating _POSIX_PATH_MAX size yet it should be
> _POSIX_PATH_MAX + length of any strings added to the print statement.
>
> This bug causes me major grief due to the way I have Torque installed in a
> world writable directory. 

Even I went through the same problems.
Comments from the source:

     *      To be secure, all directories (and final file) in path must be:
     *              owned by uid < 10
     *              owned by group < 10 if group writable
     *              not have world writable unless stick bit set & this is allowed.

I understand the stress on the security of the __files used by
daemons__, and these three make sense for those files. But IMHO,
applying the same for __every file/directory in the path__ seems like
overkill.

Can anyone comment on this?

Thanks
--vinod
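
The following is an added example, not part of either message and not TORQUE's chk_file_sec(): one way to express the three rules from the quoted source comment per path component, walk every prefix of the path as that comment requires, and build the failure message with a bounded snprintf instead of sprintf into a path-sized buffer. All function names, the enum and the message text are hypothetical.

```c
/* Added illustration; hypothetical names, not TORQUE's implementation. */
#define _XOPEN_SOURCE 700
#include <limits.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

enum sec_rule { SEC_OK = 0, SEC_OWNER, SEC_GROUP, SEC_WORLD, SEC_ERROR };

/* Apply the three quoted rules to one already-stat()ed component. */
int check_component(const struct stat *st, int sticky_ok)
{
    if (st->st_uid >= 10)
        return SEC_OWNER;               /* must be owned by uid < 10 */
    if ((st->st_mode & S_IWGRP) && st->st_gid >= 10)
        return SEC_GROUP;               /* group < 10 if group writable */
    if ((st->st_mode & S_IWOTH) && !(sticky_ok && (st->st_mode & S_ISVTX)))
        return SEC_WORLD;               /* world writable needs sticky + allowed */
    return SEC_OK;
}

/* Bounded message: never writes past len; returns -1 if it was truncated. */
int format_failure(char *buf, size_t len, const char *path, int rule)
{
    int n = snprintf(buf, len, "chk_file_sec: %s fails rule %d", path, rule);
    return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

/* Check "/" and every longer prefix of an absolute path; stop at first failure. */
int check_path(const char *path, int sticky_ok, char *msg, size_t msglen)
{
    char prefix[PATH_MAX];
    struct stat st;
    size_t n = strlen(path);

    if (path[0] != '/' || n >= sizeof prefix)
        return SEC_ERROR;
    for (size_t i = 0; i <= n; i++) {
        if (path[i] != '/' && path[i] != '\0')
            continue;
        size_t len = i ? i : 1;         /* i == 0 is the root directory itself */
        memcpy(prefix, path, len);
        prefix[len] = '\0';
        int rc = stat(prefix, &st) ? SEC_ERROR : check_component(&st, sticky_ok);
        if (rc != SEC_OK) {
            format_failure(msg, msglen, prefix, rc);
            return rc;
        }
    }
    return SEC_OK;
}
```

Because check_path() stops at the first failing prefix, a world-writable parent without the sticky bit rejects the whole path even when the final file is root-owned and mode 0644, which is the behaviour both posters describe.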

