Xref: utzoo comp.unix.wizards:13337 news.admin:4258 news.sysadmin:1910 Path: utzoo!utgpu!watmath!clyde!bellcore!rutgers!mailrus!purdue!decwrl!hplabs!well!pokey From: pokey@well.UUCP (Jef Poskanzer) Newsgroups: comp.unix.wizards,news.admin,news.sysadmin Subject: Re: unshar business Message-ID: <7876@well.UUCP> Date: 9 Dec 88 20:59:00 GMT References: <232@logicon.arpa> Reply-To: Jef Poskanzer Organization: Paratheo-Anametamystikhood Of Eris Esoteric, Ada Lovelace Cabal Lines: 35 In the referenced message, Makey@LOGICON.ARPA (Jeff Makey) wrote: }In article <210@bridge2.3Com.Com> mbt@bridge2.3Com.com (Brad Turner) writes: }>I figure this is a pretty safe compromise between prudence and paranoia. } }Some people just don't pay attention, do they? } }I haven't had a chance to look carefully at Cathy Segedy's C program, }but there's no question that such an approach is the most efficent (in }terms of machine resources) and safest method of unsharing map files. Well, I have looked at Cathy's program, all 93 lines of it, and unless I'm reading it wrong she wasn't paying much attention either. Consider the following somewhat twisted fragment where she gets the output filename from the shar file: strncpy(file2,&buffer[20],(strlen(&buffer[20]) - 1)); printf("opening file {%s}\n",file2); if((fp2 = fopen(file2, "w")) == NULL) { Do you see anything in there to prevent "../../../../etc/passwd"? I sure don't. By the way, uns.c uses a fixed size buffer, only 256 characters long. I have right here in my home directory a shar file with a 288 character line. These are minor nits, easily fixable, but I thought someone ought to point them out before people start installing uns.c and thinking they are secure. --- Jef Jef Poskanzer jef@rtsg.ee.lbl.gov ...well!pokey Flon's Law: There is not now, and never will be, a language in which it is the least bit difficult to write bad programs.