Back in March 2002, Wojciech Purczynski <cliph (at) isec (dot) pl [email concealed]> wrote (original
article at http://online.securityfocus.com/archive/1/264117 ):
> Name: Linux kernel
> Version: up to 2.2.20 and 2.4.18
> ...
> In case of excessively long path names d_path kernel internal function
> returns truncated trailing components of a path name instead of an error
> value. As this function is called by getcwd(2) system call and
> do_proc_readlink() function, false information may be returned to
> user-space processes.
The problem is still present in Debian 2.4.19 kernel. I have not tried 2.5,
but see nothing relevant in the Changelogs at http://www.kernel.org/ .
Cheers,
Paul Szabo - psz (at) maths.usyd.edu (dot) au [email concealed] http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics University of Sydney 2006 Australia
article at http://online.securityfocus.com/archive/1/264117 ):
> Name: Linux kernel
> Version: up to 2.2.20 and 2.4.18
> ...
> In case of excessively long path names d_path kernel internal function
> returns truncated trailing components of a path name instead of an error
> value. As this function is called by getcwd(2) system call and
> do_proc_readlink() function, false information may be returned to
> user-space processes.
The problem is still present in Debian 2.4.19 kernel. I have not tried 2.5,
but see nothing relevant in the Changelogs at http://www.kernel.org/ .
Cheers,
Paul Szabo - psz (at) maths.usyd.edu (dot) au [email concealed] http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics University of Sydney 2006 Australia
[ reply ]