Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 14 Mar 2011 08:32:24 -0400
From: Dan Rosenberg <>
Cc: Ludwig Nussel <>, Petr Baudis <>
Subject: Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

Sigh.  Unfortunately I think this is the truth - I just wish there
were an easier way of addressing this besides patching every affected
helper individually.  Unless anyone else has any ideas, I'll write up
some patches for affected programs later today.


On Mon, Mar 14, 2011 at 8:14 AM, Ludwig Nussel <> wrote:
> Dan Rosenberg wrote:
>> There are a few possible options   We could patch glibc to try to
>> raise the rlimit in addmntent(). [...]
> Citing our glibc maintainer Petr Baudis via Bugzilla:
> | I have been thinking about it and I'm not at all sure the proposed solution
> | makes sense. First, this may also concern the obscure interfaces like
> | putspent() (not sure if anyone uses these, moreover in security relevant
> | contexts). Second, messing with RLIMIT_FSIZE within library routine is just
> | evil. The caller may be multi-threaded or just do something else between
> | setpwent() and endpwent() too and RLIMIT_FSIZE is just evil. All setuid
> | programs must sanitize things like this, on their own terms.
> cu
> Ludwig
> --
>  (o_   Ludwig Nussel
>  //\
>  V_/_
> SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.