Solaris 2.5.1 dirname() bug in libgen.a affects OpenSSH2.9.9p2 auth.c
openssh-unix-dev at thewrittenword.com
openssh-unix-dev at thewrittenword.com
Wed Oct 17 09:48:35 EST 2001
On Tue, Oct 16, 2001 at 03:36:42PM -0400, Dan Astoorian wrote:
> I've discovered a problem with OpenSSH 2.9.9p2 under Solaris 2.5.1 .
>
> In auth.c, secure_filename() walks upwards toward the user's home
> directory or the filesystem root, verifying that no directories along
> the way are group or world writable.
>
> Solaris 2.5.1's dirname() function has a bug where dirname("/.ssh")
> returns an empty string instead of "/".
I was able to duplicate this on our 2.5.1 machine. It is reported as
bug id #4055505 at sunsolve.sun.com. There is a libgen patch available
as 106274-01 but it's a fix to some regex issue so I guess there is no
solution from Sun for this problem.
> Dan Astoorian People shouldn't think that it's better to have
--
albert chin (china at thewrittenword.com)
More information about the openssh-unix-dev
mailing list