The open() system call in f8 really broken...
Tom "spot" Callaway
tcallawa at redhat.com
Thu Aug 16 20:34:02 UTC 2007
On Thu, 2007-08-16 at 16:36 -0400, Steve Dickson wrote:
> Pete Zaitcev wrote:
> >
> >> - if ((fd = open(fname, readonly? O_RDONLY : (O_RDWR|O_CREAT))) < 0) {
> >> + if ((fd = (open)(fname, readonly? O_RDONLY : (O_RDWR|O_CREAT))) < 0) {
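Review bot: the `+` line leaves the actual defect in place: when `readonly` is false the flags include O_CREAT, so open() needs a third mode argument, and writing `(open)(...)` only keeps the check from recognising the call, it does not supply the missing mode, so the file is still created with whatever value sits in the mode slot. Pass an explicit mode instead, e.g. `open(fname, readonly ? O_RDONLY : (O_RDWR|O_CREAT), 0644)` (0644 is a placeholder; use the mode the file actually needs), and the check is satisfied without being bypassed.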
> >
> > Now you're just being unfriendly about it by finding ways to defeat
> > a helpful check instead of adding the missing mode. What point are
> > you trying to prove by doing this?
> The point I was trying to prove is that by simply adding the '()' I
> could avoid the runtime abort and still have the security hole....
> concluding that the runtime check is very buggy, so this check should
> never call abort() since it can't be correct 100% of the time...
This logic is flawed... if every time it triggers it is correct, we
shouldn't remove the check because it misses possible cases. We'd really
only want to remove it if we found false positives.
~spot, who is amazed at the effort expended on this thread rather than
simply FIXING the security bug
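As an added example (not code from the thread or from the package being patched): the fix the thread asks for, an explicit mode whenever O_CREAT is set, a check of the permission bits the created file actually received, and a toy function-like macro that shows why an argument-counting check of that shape is never reached once the callee name is parenthesized. The names open_file, created_mode, open_2args, safe_open and create_and_check are mine, and the toy macro is an assumption about the shape of such a check, not glibc's implementation.

```c
#include <errno.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <unistd.h>

/* The fix: with O_CREAT the mode is always passed explicitly, never left
   to whatever value happens to sit in the third argument slot. */
int open_file(const char *fname, int readonly)
{
    mode_t mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH;   /* 0644 */
    return readonly ? open(fname, O_RDONLY)
                    : open(fname, O_RDWR | O_CREAT, mode);
}

/* Permission bits of an open file, so the caller can verify what it made. */
int created_mode(int fd)
{
    struct stat st;
    if (fstat(fd, &st) != 0) return -1;
    return (int)(st.st_mode & 07777);
}

/* Toy argument-counting check (assumption: glibc's real check is built
   differently).  Two arguments go to open_2args, which refuses O_CREAT;
   three go straight to open().  A function-like macro only expands when
   its name is directly followed by '(', so a parenthesized name like the
   (open)(...) in the quoted patch never reaches a check of this shape. */
static int open_2args(const char *path, int flags)
{
    if (flags & O_CREAT) { errno = EINVAL; return -1; }   /* mode missing */
    return open(path, flags);
}
#define PICK3(_1, _2, _3, NAME, ...) NAME
#define safe_open(...) PICK3(__VA_ARGS__, open, open_2args, 0)(__VA_ARGS__)

/* Creates a file through open_file(), returns its permission bits, and
   removes it again.  Returns -1 on failure. */
int create_and_check(const char *path)
{
    umask(022);                       /* fixed umask so the result is known */
    unlink(path);
    int fd = open_file(path, 0);
    if (fd < 0) return -1;
    int mode = created_mode(fd);
    close(fd);
    unlink(path);
    return mode;                      /* 0644 */
}
```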
More information about the Fedora-maintainers mailing list