Check for file permissions is rather weak
Marcus Brinkmann
Marcus.Brinkmann@ruhr-uni-bochum.de
Tue Dec 10 17:47:02 2002
On Tue, Dec 10, 2002 at 05:21:06PM +0100, Christian Biere wrote:
> when I use the option '--options' gpg checks whether the given file is
> owned by me or root. It also checks whether this file is writeable by
> others than me or root. This check is performed for the directory of this
> file, too. However, gpg does not verify any permissions above the
> directory the file is a member of. Therefore, these checks are not
> very satisfying, as someone could mv this directory away and replace it
> with something else.
How do you replace it with something owned by you or root without being you
or root in the first place? If you put an exploitable directory with an
options file which is owned by you or root into someone else's directory,
then you surely deserve to lose :)
Thanks,
Marcus
--
`Rhubarb is no Egyptian god.' GNU http://www.gnu.org marcus@gnu.org
Marcus Brinkmann The Hurd http://www.gnu.org/software/hurd/
Marcus.Brinkmann@ruhr-uni-bochum.de
http://www.marcus-brinkmann.de/
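
Added example, not part of the original message and not gpg's own code: the check described in the quoted text (owned by the user or root, not writable by anyone else), applied in C to the file, its directory and every ancestor up to /. The function names, counting group write access as unsafe, and ignoring the sticky bit are assumptions of this example.

```c
#define _XOPEN_SOURCE 700
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* A component passes if it is owned by `me` or root and is not writable
 * by group or others (strict: a sticky directory like /tmp still fails). */
static int component_ok(const struct stat *st, uid_t me)
{
    if (st->st_uid != me && st->st_uid != 0)
        return 0;
    return (st->st_mode & (S_IWGRP | S_IWOTH)) == 0;
}

/* Check `path`, its directory and every ancestor up to "/". Returns 0 if
 * all pass, else -1 with the first failing component (leaf first) in `bad`. */
static int check_path_chain(const char *path, uid_t me, char *bad, size_t badlen)
{
    char cur[PATH_MAX];
    struct stat st;
    if (realpath(path, cur) == NULL) {       /* resolves symlinks and ".." */
        snprintf(bad, badlen, "%s", path);
        return -1;
    }
    for (;;) {
        if (stat(cur, &st) != 0 || !component_ok(&st, me)) {
            snprintf(bad, badlen, "%s", cur);
            return -1;
        }
        if (strcmp(cur, "/") == 0)
            return 0;                        /* reached the root: all passed */
        char *slash = strrchr(cur, '/');
        slash[slash == cur] = '\0';          /* cut last component, keep "/" */
    }
}

int main(int argc, char **argv)
{
    char bad[PATH_MAX];
    if (argc != 2) return 2;
    if (check_path_chain(argv[1], getuid(), bad, sizeof bad) != 0) { printf("unsafe: %s\n", bad); return 1; }
    puts("ok");
    return 0;
}
```

The result is a snapshot: it does not stop a component from being changed between this check and the later open of the file.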