CVE-2008-0777

The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files...

FreeBSD sendfile(2)函数只写文件权限绕过安全限制漏洞

BUGTRAQ ID: 27789 CVECAN ID: CVE-2008-0777 FreeBSD就是一种运行在Intel平台上、可以自由使用的开放源码Unix类系统。 FreeBSD在处理文件的访问控制时存在漏洞，本地攻击者可能利用此漏洞获取敏感信息。 当进程打开文件（和其他文件系统对象，如目录）时，会指定访问标记说明所要进行的读、写或其他操作。会对这些标记检查文件系统权限，然后存储到所生成的文件描述符，以验证之后的操作。...

FreeBSD Security Advisory FreeBSD-SA-08:03.sendfile

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08:03.sendfile Security Advisory The FreeBSD Project Topic: sendfile2 write-only file permission bypass Category: core Module: syskern Announced: 2008-02-14...

FreeBSD-SA-08:03.sendfile

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08:03.sendfile Security Advisory The FreeBSD Project Topic: sendfile2 write-only file permission bypass Category: core Module: syskern Announced: 2008-02-14...