From: Jamie Lokier <jamie@shareable.org>
To: "Joseph D. Wagner" <theman@josephdwagner.info>
Cc: "'maximilian attems'" <janitor@sternwelten.at>,
	linux-fsdevel@vger.kernel.org
Subject: Re: Does sendfile() copy extended attributes?
Date: Sat, 20 Dec 2003 20:40:40 +0000
Message-ID: <20031220204040.GA28180@mail.shareable.org>
In-Reply-To: <006301c3c6f3$8274ef80$0201a8c0@joe>

Joseph D. Wagner wrote:
> Because that violates one of the Immutable Laws of Security -- "If
> you're running someone else's program, it's not your program anymore."

That is equally the case if you're running someone else's function.

> If my program executes another program like cp/rsync in your
> example, it would be vulnerable to a privilege elevation when run as
> root.  A hacker could replace cp/rsync, change the PATH, or a dozen
> other tricks to get it to execute his version of cp/rsync.

A hacker could also change libc.so and thereby change the copy function.

> Now if there's a function call that will copy a file -- other than
> the sendfile function which is what this thread has been all about --
> I'm all ears.  However, I am not going to execute another program.

You are imagining a black box function which is specified to copy a
file and its attributes.  How can you know that function does not work
by calling an external program?

-- Jamie
