
Qcam Overflows


Date: Mon, 20 Apr 1998 14:14:35 -0400
From: bst@INAME.COM
To: BUGTRAQ@NETSPACE.ORG

More Sunsite buggy soft:

   - ftp://sunsite.unc.edu/pub/Linux/apps/video/qcam-0.7c-5.tar.gz
   - ftp://sunsite.unc.edu/pub/Linux/apps/video/sqcam-0.1.tar.gz

We can see their Makefiles:
install:: all
        install -s -m 4755 -o root sqcam $(BINPATH)

and

install:: all
        install -s -m 4755 -o root qcam $(BINPATH)
        install -s -m 4755 -o root xqcam $(BINPATH)

then in the .c's:

     [...]
     sprintf(lockfile,"/tmp/LOCK.qcam.0x%x",q->port);
     if (-1 == (q->fd = open(lockfile, O_WRONLY | O_CREAT, 0666)))
     [...]

 Nothing to say here...

     [...]
     if (f == NULL) {
       sprintf(buf, "Cannot open configuration file %s!", file);
       perror(buf);
       return 1;
     }
     /* Where _file_ is a command line option */

 Nothing to say here either...

Btw: Nothing to say ;)

Date: Mon, 20 Apr 1998 20:50:06 +0100
From: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
To: BUGTRAQ@NETSPACE.ORG
Subject: Qcam : Actually seems to be generic libqcam bug

> More Sunsite buggy soft:
>
>    - ftp://sunsite.unc.edu/pub/Linux/apps/video/qcam-0.7c-5.tar.gz
>    - ftp://sunsite.unc.edu/pub/Linux/apps/video/sqcam-0.1.tar.gz

This extends throughout every libqcam based application I've looked at
so far including the SANE-0.67 scanner package, which is often installed setuid
for 'safe' setuid targets like generic scsi.

None of them open the lock file safely.

Alan
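
A hardened form of the two quoted snippets, added here as an example; it is not code from qcam, libqcam or either poster. The function names, the `lockdir` parameter, the buffer sizes and the temp-directory check are assumptions of this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open the per-port lock file without following a symlink left at that name.
 * lockdir is a parameter added for this example; the quoted code uses /tmp. */
int open_lock_safely(const char *lockdir, unsigned port)
{
    char path[256];
    struct stat st;
    int n = snprintf(path, sizeof path, "%s/LOCK.qcam.0x%x", lockdir, port);
    if (n < 0 || (size_t)n >= sizeof path) return -1;  /* truncated path */
    /* O_NOFOLLOW fails with ELOOP if the last component is a symlink;
     * 0600 instead of 0666 because only this user writes the lock. */
    int fd = open(path, O_WRONLY | O_CREAT | O_NOFOLLOW, 0600);
    if (fd == -1) return -1;
    /* Verify what was actually opened: regular file, ours, one link. */
    if (fstat(fd, &st) == -1 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() || st.st_nlink != 1) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Bounded form of the error message; returns 1 if it had to be truncated. */
int format_cfg_error(char *buf, size_t len, const char *file)
{
    int n = snprintf(buf, len, "Cannot open configuration file %s!", file);
    return n < 0 || (size_t)n >= len;
}

/* Constructed check in a private temp dir: a dangling symlink at the lock
 * name must be refused and its target must not get created. Returns 1 if so. */
int symlink_is_refused(void)
{
    char dir[] = "/tmp/qcamdemo.XXXXXX", lnk[64], target[64];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(lnk, sizeof lnk, "%s/LOCK.qcam.0x378", dir);
    snprintf(target, sizeof target, "%s/target", dir);
    if (symlink(target, lnk) == -1) return -1;
    int refused = open_lock_safely(dir, 0x378) == -1 && lstat(target, &st) == -1;
    unlink(lnk); rmdir(dir);
    return refused;
}
```

The `fstat` on the descriptor matters as much as `O_NOFOLLOW`: it also rejects a pre-existing file owned by someone else and a hard link to another file, neither of which is a symlink.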

