[LWN Logo]

 Main page
 On the Desktop
 Linux in the news
 Linux History
All in one big page

See also: last week's Security page.


News and Editorials

Code scanners. Two new security related tools were announced this week, both relating to code scanning: RATS and flawfinder. Both tools perform tests on source code in an attempt to find common coding problems that can lead to security vulnerabilities. Such problems are limited to function calls for both RATS and flawfinder. Any functions specified in a flawfinder database are known as hits and will cause any references to them in the source to be examined to be flagged. Flawfinder and RATS join another application its4, which was noted by LWN.net late last year.

According to David Wheeler, author of the Secure Programming for Linux and Unix HOWTO, flawfinder is Python based and was developed in response to issues surrounding Cigital's use of the term open source with its its4 product. Additionally, both flawfinder and RATS developers have agreed to work together.

The developers [of flawfinder and RATS] didn't know about each other's efforts until just before their releases, but they have agreed to coordinate in some way to create a "best of breed" source code scanner.

These scanners are very useful for finding function calls that are often the cause of security problems. Unfortunately, RATS wouldn't compile even though the required Expat library was installed under /usr/lib. Flawfinder worked out of the box, as did its4. Each produced varying results on the same piece of code.

While such tools are helpful, they shouldn't be considered cures for security illnesses in any software. They should be used in conjunction with memory checkers to catch potential buffer overflows. And, of course, nothing beats following some simple programming guidelines.

Hacker-tracking site throws in the towel (ZDNet). Defacement of web sites has become such a common problem that Attrition.org, a volunteer run web site that follows computer security issues, is halting their tracking of these events. According to the ZDNet story,

when online vandals deface a site, they typically tip off Attrition, which then confirms the defacement by going to the tagged page itself, copying the page and putting it in the archive.

Rethinking Music Security (Wired). SDMI appears to be mired in its members own political posturing, according to this Wired News story. "SDMI's Phase II specifications were to provide hardware and software makers with parameters to build players that would work with secure formats, legally obtained MP3s and CDs, while blocking access to files that had been hacked. But the consortium became entangled in its own internal politics, which ended any chance of the screening specifications getting developed."

Security Reports

Reiserfs kernel race condition. A race condition in reiserfs has been reported that can expose raw data from the disk to an unprivileged user. Chris Mason has made a patch available to fix the problem. Check the reiserfs mailing list for more details. The same problem has been reported to affect the ufs and ext2fs drivers in FreeBSD systems.

MIT Kerberos FTP daemon buffer overflows. Multiple buffer overflows have been reported and confirmed in the gssapi-aware ftpd daemon included with MIT Kerberos 5, all versions. If anonymous ftp is enabled, a remote root exploit is possible. Otherwise, a local root exploit or a remote root exploit via an authorized login.

Red Hat update to mktemp. Red Hat has issued a security update for mktemp which does not support making temporary directories in certain versions of their distributions.


man -S heap overflow. Check the May 17th LWN Security Summary for the initial report. The exploitability is definitely on whether or not the man command is installed setgid group man.

This week's updates:

ptrace/execve/procfs race condition in the Linux kernel 2.2.18. Exploits were released the week of March 29th for a ptrace/execve/procfs race condition in the Linux kernel 2.2.18. As a result, an upgrade to Linux 2.2.19 is recommended.

The Linux 2.2.19 release notes give the specifics on all the security-related fixes in 2.2.19 (all thirteen of them!) and give credit to the Openwall project and Chris Evans, for the majority of the third-party testing and auditing work that turned up these bugs. Fixes for the same bugs have also been ported forward into the 2.4.X kernel series.

This week's updates:

Previous updates:

XEmacs/gnuserve. Check the February 8th Security Summary for details.

This week's updates:

Previous updates:

mgetty tmp file race problem. mgetty was one of twelve packages reported in January to contain tmp file race problems. Check the January 11th LWN Security Summary for the initial report.

This week's updates:

Previous updates:

Minicom XModem Format String Vulnerabilities. Check the May 10th LWN Security Summary for the original report or BugTraq ID 2681.

This week's updates:

Previous updates:

gnupg. gnupg 1.0.5 was released on April 29th. Check the May 3rd LWN Security Summary for details. An upgrade to 1.0.5 is recommended.

This week's updates:

Previous updates:

Samba local disk corruption vulnerability. Check the April 19th LWN Security Summary for the original report. This problem has been fixed in Samba 2.0.8 and an upgrade is recommended. Note that all versions of Samba from (and including) 1.9.17alpha4 are vulnerable (except 2.0.8, of course). BugTraq ID 2617.

Note that recently Andrew Tridgell released Samba 2.0.9 stating that the fix in 2.0.8 did not really resolve the problem. Samba 2.2.0 users are not affected by this problem.

This week's updates:

Previous updates:

OpenSSH 2.5.2p2 released. Check the March 29th LWN Security Summary for the original report.

This week's updates:

Previous updates:


Linux Kernel Instrumentation Project. John Munson has formed a group to work in instrumenting various kernels from Linux to BSD. Here is the introduction from the Sourceforge home of the project:

Hand instrumentation of common kernel for the purpose of behavioral analysis. And kernel modifications that insure that proper execution of the processes analyzing the behavioral profiles produced. Proposed kernels: linux, *bsd, and solaris.

Worldwide Copyrights a Quagmire? (Wired). Wired News has an article on Richard Stallman's presence on a Commerce Department roundtable on the Hague Convention. "Currently the Hague Convention includes copyright offenses in a section that Stallman, Internet providers, and consumer groups are lobbying to remove. Stallman, for instance, claims countries that are even more permissive about awarding software patents could sue U.S. programmers for violating them -- and thereby wreak havoc on the free software movement."


Upcoming Security Events.
Date Event Location
May 29, 2001Security of Mobile Multiagent Systems (SEMAS - 2001)Montreal, Canada
May 31 - June 1, 2001The first European Electronic Signatures SummitLondon, England, UK
June 1 - 3, 2001Summercon 2001Amsterdam, Netherlands
June 4 - 8, 2001TISC 2001Los Angeles, CA, USA
June 5 - 6, 20012nd Annual IEEE Systems, Man, and Cybernetics Information Assurance WorkshopUnited States Military Academy, Westpoint, New York, USA
June 11 - 13, 20017th Annual Information Security Conference: Securing the Infocosm: Security, Privacy and RiskOrlando, FL, USA.
June 17 - 22, 200113th Annual Computer Security Incident Handling Conference (FIRST 2001)Toulouse, France
June 18 - 20, 2001NetSec Network Security Conference(NetSec '01)New Orleans, Louisiana, USA.
June 19 - 20, 2001The Biometrics SymposiumChicago, Illinois, USA.
July 11 - 12, 2001Black Hat Briefings USA '01Las Vegas, Nevada, USA.

For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.

Section Editor: Michael J. Hammel

May 24, 2001

LWN Resources

Secured Distributions:
Astaro Security
Engarde Secure Linux
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux

Security Projects
Linux Security Audit Project
Linux Security Module

Security List Archives
Bugtraq Archive
Firewall Wizards Archive
ISN Archive

Distribution-specific links
Caldera Advisories
Conectiva Updates
Debian Alerts
Kondara Advisories
Esware Alerts
LinuxPPC Security Updates
Mandrake Updates
Red Hat Errata
SuSE Announcements
Yellow Dog Errata

BSD-specific links

Security mailing lists
Linux From Scratch
Red Hat
Yellow Dog

Security Software Archives
ZedZ.net (formerly replay.com)

Miscellaneous Resources
Comp Sec News Daily
Security Focus


Next: Kernel

Eklektix, Inc. Linux powered! Copyright © 2001 Eklektix, Inc., all rights reserved
Linux ® is a registered trademark of Linus Torvalds