Posted on 10/10/2013 12:25:17 PM PDT by ShadowAce
Many programming languages have since changed Boolean and equality checks to utilize linguistic code in addition to old-school code.
A good example is Microsoft’s Powershell or VBscript where one can use equality identifiers such as “-eq” or “-lt/-gt” (less-than/greater-than) in addition to the conventional syntax.
I’ve taken a liking to -eq or even -like for a more loose check.
This article, by the way, continues to bolster the open source movement as a much better, safer alternative to closed-source operating systems like Windows and OSX. Huzzah for community acceptance!
Isn't it sad that we have to lump the NSA in with the other nefarious types?
It has not been "our" government for a long time.
an interesting secondary check would be to look for any code out there that would make the call with both of those options set. see if something was checked in somewhere... and maybe follow from there
I think this is a system call so the call would likely come from user land so it’s not like you could just scan the kernel code base - I wonder if it’s simply something that could be called from any arbitrary userland program which effectively means there’s no fixed code base to scan. Assuming this is in the code that handles the system calls from userland.
Well, OK, but this is from kernel code and last time I checked there as no Powershell or VBScript in the linux kernel nor do I expect that to happen any time soon :)
Certainly in 2013 Obama would ‘back door’ any opportunity he can.
C short-circuit evaluates conditionals. That means, if the first term of an ANDed pair of terms is false, the second term is never evaluated.
So, in this case, the term (options == (__WCLONE|__WALL) is acting as an "open sesame" incantation. You have to know about it in order to open the backdoor. Unless the options check evaluates to true, the (current->uid = 0) is simply skipped. If the options check does evaluate true, then the uid gets set to zero (root), and the number zero is evaluated as a boolean, resulting in a value of false. Thus, in neither case does retval = -EINAL; take place.
True enough. However, I didn’t mean to imply anything different.
My point wasn’t the contrary of what you are saying. My point was more along the lines of not knowing if the case of having both flags being true was a “real case” that comes up in daily life or instead was basically a “open sesame” case stuck in for malicious intent.
Agreed. I was speaking to wider languages. I don’t expect kernel code to ever be modified.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.