[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request: mono loading shared libs from cwd
From:       Thomas Biege <thomas () suse ! de>
Date:       2010-11-10 14:25:01
Message-ID: 201011101525.01464.thomas () suse ! de
[Download RAW message or body]


missed to add:
http://lists.ximian.com/pipermail/mono-patches/2010-October/177900.html

Am Mittwoch 10 November 2010 15:18:26 schrieb Thomas Biege:
> Hello folks,
> 
> from our bugzilla.
> 
> "
> http://www.mono-project.com/DllNotFoundException explains that the mono
> runtime
> searches the current working directory for DLLs.  This opens a serious
> security
> hole.  Malicious code can be given the same name as a DLL and left in a
> directory the user might visit.  Also, it means that no mono application
>  can safely set the current working directory.
> 
> Microsoft themselves addressed this issue in Windows
> http://msdn.microsoft.com/en-us/library/ms682586(v=VS.85).aspx
> 
> It's a well known "dummies" question for Unix why you must not have "." on
> your
> path
> http://www.unix.com/unix-dummies-questions-answers/22806-why-bad-idea-inser
> t- dot-path.html
> 
> Mono is exposing users to these same old hat problems.
> 
> (As a related problem, many mono programs seem to *assume* that they will
>  be run with the CWD set to their installed directory, and break if it
>  isn't.) "
> 
> Filed by Richard Brooksby.
> 

-- 
 Thomas Biege <thomas@suse.de>, SUSE LINUX, Security Support & Auditing
 SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
--
  Wer aufhoert besser werden zu wollen, hoert auf gut zu sein.
                            -- Marie von Ebner-Eschenbach
[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic