4221 – Possible root compromises via man/groff.

Bug 4221 - Possible root compromises via man/groff.

Summary: Possible root compromises via man/groff.

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	man
Sub Component:
Version:	6.0
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	David Lawrence
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	1999-07-27 14:01 UTC by Jason Costomiris
Modified:	2008-05-01 15:37 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	1999-08-23 15:45:05 UTC

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Jason Costomiris 1999-07-27 14:01:55 UTC

The RPMs for groff that come with RH 6.0 apply a patch,
groff-1.11-safer.patch, which removes the unsafe groff
commands.

It is possible that the unsafe commands could find their way
back in should the user decide to rebuild groff and not take
the time to kill the unsafe commands.  This situation can be
avoided by changing the /etc/man.config file.  The TROFF and
NROFF lines should be modified to include the -S flag,
indicating that the "safer" mode of groff should be used for
formatting man pages.

Comment 1 Preston Brown 1999-08-23 15:45:59 UTC

If someone rebuilds groff and introduces a security hole, then they
are putting themselves at risk.  adding the -S field to
/etc/man.config will only move the problem around -- other
applications / uses of groff will still have the hole.  This not truly
lead to better security.

We do not recommend that people rebuild packages unless they are very
sure they understand what they are doing.

Note You need to log in before you can comment on or make changes to this bug.