Contributed by jose on from the protect-your-stack-protector dept.
The OpenBSD ftp daemon does not use realpath(3) in a way that could be exploited; however, a number of other system binaries also use the function. It is not currently known whether this bug results in an exploitable security hole on OpenBSD. Since the bug led to an exploitable hole in wu-ftpd, it is entirely possible that some program using realpath(3) under OpenBSD is vulnerable to attack. For OpenBSD 3.3 and higher, the ProPolice stack protector should provide some protection against this bug, but this cannot be guaranteed.
This bug has been fixed in OpenBSD-current as well as the 3.2 and 3.3 -stable branches. Patches are available for OpenBSD 3.2 and 3.3.
Patch for OpenBSD 3.2: ftp://ftp.OpenBSD.org/pub/OpenBSD/patches/3.2/common/015_realpath.patch
Patch for OpenBSD 3.3: ftp://ftp.OpenBSD.org/pub/OpenBSD/patches/3.3/common/001_realpath.patch
For versions of OpenBSD prior to 3.2, users may simply fetch the current revision of realpath.c from ftp://ftp.OpenBSD.org/pub/OpenBSD/src/lib/libc/stdlib/realpath.c, then rebuild and install libc with the new realpath.c. Note that rebuilding libc fixes only dynamically linked programs; statically linked binaries in /bin and /sbin that call realpath(3) must be rebuilt against the new libc as well.
For more details, see the description of the wu-ftpd fp_realpath bug: http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt
Make sure you're up to date!
By Anonymous Coward () on
So after I follow the rest of the instructions in the patch, what else do I need to do?
By Anonymous Coward () on
http://www.openbsd.org/stable.html
You might also want to look at the AnonCVS page on how you can update your source tree with CVS:
http://www.openbsd.org/anoncvs.html
Note that you'll need to change the tag name as their examples use OPENBSD_3_2 for the tag name but for 3.3 you'd use OPENBSD_3_3 instead. I only patch my source from the "stable" branch as I don't have the time to test stuff on "current".
By schubert () on http://schubert.cx/
bin/systrace
sbin/isakmpd
sbin/mount
sbin/mount_*
sbin/mountd
sbin/umount
are your statically linked binaries in base that use realpath()
By tedu () on
is it statically linked?
By Mr. Kotter () on
Oh! Oh! I know!
By Anonymous Coward () on
$ ldd `which sshd` `which ssh`
/usr/sbin/sshd:
-lkrb
-lkafs
-lasn1
-lkrb
-lcrypto
-lutil
-lz
-ldes
-lc
/usr/bin/ssh:
-lkrb
-lasn1
-lkrb
-lkafs
-lcrypto
-lz
-ldes
-lc
By psygnosis () on
Rename rootd to needslash and invert its value. This fixes the check for ENAMETOOLONG, though since we use strlcpy() and strlcat() this is not a big deal. Problem found by vincent@
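A model of the check that commit message describes, added here as an illustration and not taken from OpenBSD's realpath.c: the old length test counted rootd (set when the resolved path is just "/") where it should have counted its inverse, the separating slash that actually gets appended, so it came out one byte short in every non-root case. Because OpenBSD's realpath.c copies with strlcat(), the wrong test only lets through a path that is then silently truncated with no ENAMETOOLONG; the same miscount in an implementation that copies with strcat() writes one byte past the buffer, which is the exploitable variant the article refers to. PATHLEN, the xstrlcpy/xstrlcat helpers, the function names and the constructed inputs are all assumptions made for this example.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Assumed: the resolved path lives in a MAXPATHLEN-sized buffer, as in the
 * 4.4BSD realpath() that the BSDs and wu-ftpd inherited. */
#define PATHLEN 1024

/* Local strlcpy/strlcat so the example builds on libcs that lack them. */
static size_t xstrlcpy(char *dst, const char *src, size_t size)
{
    size_t n = strlen(src), c = n < size ? n : size - 1;
    if (size) { memcpy(dst, src, c); dst[c] = '\0'; }
    return n;
}

static size_t xstrlcat(char *dst, const char *src, size_t size)
{
    size_t dl = 0;
    while (dl < size && dst[dl]) dl++;
    return dl == size ? size + strlen(src) : dl + xstrlcpy(dst + dl, src, size - dl);
}

/*
 * Append one path component to `resolved`, modelled on the step of realpath()
 * the commit message describes. `rootd` is 1 when resolved is exactly "/", the
 * one case where no separating '/' is added; `needslash` is its inverse. The
 * old length test counted rootd, the fixed one counts needslash. Returns 0 or
 * -1 with errno = ENAMETOOLONG; *truncated reports whether strlcat() dropped bytes.
 */
int append_component(char *resolved, const char *comp, int fixed, int *truncated)
{
    int rootd = (strcmp(resolved, "/") == 0);
    int needslash = !rootd;
    size_t need = strlen(resolved) + strlen(comp) + 1 + (fixed ? needslash : rootd);

    *truncated = 0;
    if (need > PATHLEN) {
        errno = ENAMETOOLONG;
        return -1;
    }
    if (needslash)
        xstrlcat(resolved, "/", PATHLEN);
    if (xstrlcat(resolved, comp, PATHLEN) >= PATHLEN)
        *truncated = 1;
    return 0;
}

/* Constructed input: a 501-byte prefix plus '/' plus a 522-byte name is
 * exactly PATHLEN bytes, leaving no room for the terminating NUL. */
static void build_inputs(char *resolved, char *comp)
{
    resolved[0] = '/'; memset(resolved + 1, 'a', 500); resolved[501] = '\0';
    memset(comp, 'b', 522); comp[522] = '\0';
}

/* Old test: the path is accepted and strlcat() silently truncates it. */
int old_check_truncates(void)
{
    char resolved[PATHLEN], comp[PATHLEN];
    int truncated;
    build_inputs(resolved, comp);
    if (append_component(resolved, comp, 0, &truncated) != 0)
        return -1;
    return truncated;                 /* 1: wrong result, no error raised */
}

/* Fixed test: the same input is rejected with ENAMETOOLONG. */
int fixed_check_rejects(void)
{
    char resolved[PATHLEN], comp[PATHLEN];
    int truncated;
    build_inputs(resolved, comp);
    if (append_component(resolved, comp, 1, &truncated) == 0)
        return 0;
    return errno;
}

/* The inversion cut both ways: "/" plus a 1022-byte name fits, but the old
 * test rejected it because it counted a slash that is never added. */
int root_case_old_vs_fixed(void)
{
    char resolved[PATHLEN], comp[PATHLEN];
    int truncated, r_old, r_fixed;
    memset(comp, 'c', 1022); comp[1022] = '\0';
    xstrlcpy(resolved, "/", PATHLEN);
    r_old = append_component(resolved, comp, 0, &truncated);
    xstrlcpy(resolved, "/", PATHLEN);
    r_fixed = append_component(resolved, comp, 1, &truncated);
    return r_old == -1 && r_fixed == 0 && !truncated && strlen(resolved) == 1023;
}

int main(void)
{
    printf("old check truncated: %d, fixed check errno: %d (ENAMETOOLONG=%d), root case ok: %d\n",
           old_check_truncates(), fixed_check_rejects(), ENAMETOOLONG, root_case_old_vs_fixed());
    return 0;
}
```

Build it with plain cc and run it: the first case shows the old test accepting a path that is then cut short without any error, the second shows the corrected test returning ENAMETOOLONG, and the root case shows that the inverted flag also rejected a legitimate 1023-byte path.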
By Anonymous Coward () on
???
By Anonymous Coward () on
(looks around)
Who are you? What's that? Why am I here?
What's my name?
By Anonymous Coward () on
Because this is BSD and not GNU, plus they were a bunch of leet wannabe kidz who thought they could claim others' code as their own.
Thieves are often not very giving.
By BigOpenBSDFan () on
~2500 days with one remote root hole
Them're numbers the others would love to have.
Huzzah OpenBSD!
-DaFan
By Anonymous Coward () on
9:40AM up 121 days, 16:52, 1 user, load averages: 0.12, 0.09, 0.08
howwaaaa!!!
:-)
By Andy () on
I know it's off topic but I just wanted to know ...
By Shane () on
I put to bed my: OpenBSD firewall, OpenBSD server and Sun Ultra 10 (OpenBSD/Solaris 9).
Sometimes also Linux/OpenBSD/Win2k P3, OSX/OpenBSD iBook. All up, I have 22 computers including 68k, PPC, x86 and SPARC.
If only I had a life!!
By Anonymous Coward () on
With regards to the power bill, again check the specs of the box. 9 cooling fans in a Pentium 100 case? 10 HDs? 800 watt power supplies - make sure the hardware isn't overkill for what you are actually using the box for.
Maybe get a better case that runs cooler, and you can reduce the fans. Seagate HDs (Barracuda IV, V) virtually make no noise at all, unless you put your ear on the HD.
If you are talking about more than one box, apply above to all.
By rankor_industries () on
IIRC the last time I 'upgraded' my cpu to the copper heatsink it was about $10-$15 from some online parts site.
Now the wife just bitches about the LEDs being on all the time. But what is a computer setup without LEDs??? Sigh, time to pull the jumpers I suppose.
By Mike Ray () mray@sfobug.org on http://host.sfobug.org/~mray
And as far as electricity goes, one machine isn't that bad. You just have to skip a few coffees/beers/pizza a month ;-)
By Georg () w@nein.de on mailto:w@nein.de
And btw, original poster has a good sense of humour: printing the same Polish name twice since most illiterates won't see any difference no matter what.
Quit this "no vulnerabilities for so many days/years" bs and try to really differentiate yourself aside from forking and repackaging. So far OpenBSD means only one thing: elevated loss of man-hours, on par with Red Hat Linux.
By Gerardo Santana Gómez Garrido () santana at openbsd.org.mx on http://www.openbsd.org.mx/~santana/
I'll make a binary patch available anyways. Note that this will not be an official binary patch.
By Brandon Bowman () solarce@fallingsnow.net on http://www.solarce.com
Thanks and Regards,
Brandon Bowman
--solarce@fallingsnow.net
By Arrigo Triulzi () on http://www.alchemistowl.org/arrigo
You then need to redo the static binaries with:
cd /usr/src/bin
make clean && make && make install
cd /usr/src/sbin
make clean && make && make install
In theory you don't need the make clean as you only need to relink with libc but I had an issue with wsconsctl so I decided to go for the full thing (in any case it is such a small set of files that even my Pentium 233MMX managed in next to no time after libc...).
Re: OpenBSD<3.2 & static binaries
Yes, you are wrong. Look in your /usr/src/ or on http://www.openbsd.org/cgi-bin/cvsweb/src/ and note the bin, sbin, usr.bin, and usr.sbin directories.
Where is the difference between (s)bin and usr.(s)bin?
hier(7) will help some, but basically /bin and /sbin have statically linked bins and /usr/* has dynamically linked bins.
By Arrigo Triulzi () on http://www.alchemistowl.org/arrigo
This is still upheld in *BSD and, amongst commercial systems, Tru64 Unix (ex-OSF/1). Solaris is a notable exception to this rule.
This is why there is a separate usr.bin and usr.sbin hierarchy under /usr/src.
Re: OpenBSD<3.2 & static binaries
# cd /usr/src/sbin
# make clean && make && make install
....
===> wsconsctl
cc -O2 -I. -c display.c
cc -O2 -I. -c keyboard.c
cc -O2 -I. -c keysym.c
keysym.c:44: keysym.h: No such file or directory
*** Error code 1
Stop in /usr/src/sbin/wsconsctl.
*** Error code 1
Stop in /usr/src/sbin.
By Arrigo Triulzi () on http://www.alchemistowl.org/arrigo
make depend
so the build chain becomes
make clean && make depend && make && make install
Apologies for not writing it explicitly.
By Anonymous Coward () on
Right? ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:08.realpath.asc
By Anonymous Coward () on
Janusz Niewiadomski and Janusz Niewiadomski?
Is that a stupid joke?
Maybe patch is also a stupid joke?