Check for file permissions is rather weak

Marcus Brinkmann Marcus.Brinkmann@ruhr-uni-bochum.de
Tue Dec 10 17:47:02 2002


On Tue, Dec 10, 2002 at 05:21:06PM +0100, Christian Biere wrote:
> when I use the option '--options' gpg checks whether the given file is
> owned by me or root. It also checks whether this file is writeable by
> others than me or root. This check is performed for the directory of this
> file, too. However, gpg does not verify any permissions above the
> directory the file is member of. Therefore, these checks are not
> very satifying, as someone could mv this directory away and replace it
> with something else.

How do you replace it with something owned by you or root without being you
or root in the first place?  If you put an exploitable directory with an
options file which is owned by you or root into someone else's directory,
then you surely deserve to lose :)

Thanks,
Marcus

-- 
`Rhubarb is no Egyptian god.' GNU      http://www.gnu.org    marcus@gnu.org
Marcus Brinkmann              The Hurd http://www.gnu.org/software/hurd/
Marcus.Brinkmann@ruhr-uni-bochum.de
http://www.marcus-brinkmann.de/