[exim-dev] [Bug 989] CVE-2010-2024 - MBX locking race condit…

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Nigel Metheringham
Dátum:  
Címzett: exim-dev
Tárgy: [exim-dev] [Bug 989] CVE-2010-2024 - MBX locking race condition
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=989




--- Comment #1 from Nigel Metheringham <nigel@???> 2010-05-26 13:29:49 ---
[Comments from Phil Pennock]

The second is a symlink attack against /tmp -- so if you're on a sane
system which inhibits following symlinks in /tmp then you're protected.
Eg, BSD 'nosymfollow' option on the mountpoint. The exposure is that an
empty file can be created as the attacked user, or an fcntl exclusive
lock can be taken out against an existing file.

Mitigation strategies:
* don't use MBX with it's dependency upon /tmp
* mount /tmp with symlinks disabled


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email