BugTraq
Multiple OS kernel insecure handling of stdio file descriptor Jan 18 2007 02:21PM
XFOCUS Security Team (security xfocus org) (3 replies)
Re: Multiple OS kernel insecure handling of stdio file descriptor Jan 19 2007 11:19PM
Shiva Persaud (shivapd austin ibm com) (1 replies)
Re: Multiple OS kernel insecure handling of stdio file descriptor Jan 20 2007 05:43PM
eugeny gladkih (john drweb com)
>>>>> "SP" == Shiva Persaud <shivapd (at) austin.ibm (dot) com [email concealed]> writes:

>> XFOCUS team (http://www.xfocus.org/) had discovered Multiple OS kernel
>> insecure handling of stdio file descriptor.
>>
>> ===================
>> Affected OS Version
>>
>> AIX 5.3

SP> The AIX Security Team can be reached at security-alert (at) austin.ibm (dot) com. [email concealed]

SP> We have investigated this issue and AIX is not affected. A privileged
SP> process will not inherit closed file descriptors for stdio, stdout and
SP> stderr.

well, but what is used for stdout if it's closed in the parent
process just before fork(2) call?!

--
Yours sincerely, Eugeny.
Doctor Web, Ltd. http://www.drweb.com

[ reply ]
Re: Multiple OS kernel insecure handling of stdio file descriptor Jan 18 2007 09:04PM
Peter Jeremy (peter jeremy alcatel-lucent com au) (1 replies)
Re: Multiple OS kernel insecure handling of stdio file descriptor Jan 20 2007 06:35PM
Carson Gaspar (carson taltos org)
Re: Multiple OS kernel insecure handling of stdio file descriptor Jan 18 2007 06:30PM
3APA3A (3APA3A SECURITY NNOV RU)


 

Privacy Statement
Copyright 2010, SecurityFocus