[Gllug] Open Office downloading over https?
Nix
nix at esperi.org.uk
Sat Jun 27 10:43:33 UTC 2009
On 25 Jun 2009, Peter Corlett told this:
> On Thu, Jun 25, 2009 at 09:58:08AM +0100, Kostas Georgiou wrote:
> [...]
>> If you use firefox to download+open a file the application it execs
>> inherits all open fds since firefox doesn't bother with close-on-exec[1].
[...]
> Doubtful.
>
> If the thing you've launched can access arbitrary file descriptors that may
> have been left open, it's probably got the ability to make fresh network
> connections, or attach a debugger to your Firefox process and compromise it
> that way.
Except of course if the child process is setuid. More worrying probably
is the rare situation in which the *parent* is setuid but the child is
not, because the child can then exploit the fds of the more privileged
parent.
But setuid apps should be written with more care than it sounds like FF is.
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list