centos 6
misc weakness #19

5

Weakness Breakdown


Definition:

The software specifies permissions for a security-critical resource in a way that allows the resource to be read or modified by unintended actors.

Warning code(s):

Never create NULL ACLs; an attacker can set it to Everyone.

File Name:

ocaml-3.11.2/win32caml/startocaml.c

Context:

The highlighted line of code below is the trigger point of this particular Centos 6 misc weakness.

 instance if the user or some program types #quit;;.
In this case, the waiting thread awakens and exits
the user interface.
Input:         Not used. It uses the OcamlPath global variable, that
is supposed to be correct, no test for its validity
are done here.
Output:        None visible
Errors:        If any system call for whatever reason fails, the
thread will exit. No error message is shown.
------------------------------------------------------------------------*/
DWORD WINAPI DoStartOcaml(LPVOID param)
{
        HWND hwndParent = (HWND) param;
	char *cmdline;
	int processStarted;
	LPSECURITY_ATTRIBUTES lpsa=NULL;
	SECURITY_ATTRIBUTES sa;
	SECURITY_DESCRIPTOR sd;

	sa.nLength = sizeof(SECURITY_ATTRIBUTES);
	// Under windows NT/2000/Whistler we have to initialize the security descriptors
	// This is not necessary under windows 98/95.
	if (IsWindowsNT()) {
		InitializeSecurityDescriptor(&sd,SECURITY_DESCRIPTOR_REVISION);
		SetSecurityDescriptorDacl(&sd,TRUE,NULL,FALSE);
		sa.bInheritHandle = TRUE;
		sa.lpSecurityDescriptor = &sd;
		lpsa = &sa;
	}
	memset(&startInfo,0,sizeof(STARTUPINFO));
	startInfo.cb = sizeof(STARTUPINFO);
	// Create a pipe for the child process's STDOUT.
	if (! CreatePipe(&hChildStdoutRd, &hChildStdoutWr, &sa, 0))
		return 0;
	// Create a pipe for the child process's STDIN.
	if (! CreatePipe(&hChildStdinRd, &hChildStdinWr, &sa, 0))
		return 0;
	// Setup the start info structure
	startInfo.dwFlags = STARTF_USESTDHANDLES|STARTF_USESHOWWINDOW;
	startInfo.wShowWindow = SW_HIDE;
	startInfo.hStdOutput = hChildStdoutWr;
	startInfo.hStdError = hChildStdoutWr;
	startInfo.hStdInput = hChildStdinRd;
	cmdline = OcamlPath;
	// Set the OCAMLLIB environment variable
	SetEnvironmentVariable("OCAMLLIB", LibDir);
	// Let's go: start the ocaml interpreter
	processStarted = CreateProcess(NULL,cmdline,lpsa,lpsa,1,
		CREATE_NEW_PROCESS_GROUP|NORMAL_PRIORITY_CLASS,
		NULL,ProgramParams.CurrentWorkingDir,&startInfo,&pi); 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.