Date: Sun, 13 Mar 2011 15:18:27 -0500 From: Eitan Adler <lists@...anadler.com> To: oss-security@...ts.openwall.com Cc: Vasiliy Kulikov <segoon@...nwall.com> Subject: Re: Untrusted fs and invalid filenames On Sat, Mar 12, 2011 at 12:03 PM, Vasiliy Kulikov <segoon@...nwall.com> wrote: > This is a resumption of the subject "Physical access vulnerabilities and > auto-mounting" brought by Dan Rosenberg. The previous discussion was > about possible attacks the kernel, now I'd like to talk about attacks > userland programs. > http://www.dwheeler.com/essays/fixing-unix-linux-filenames.html and http://www.dwheeler.com/essays/filenames-in-shell.html are relevant here. -- Eitan Adler
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.