[1715] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Re: Towards a solution of tmp-file problems (fwd)

daemon@ATHENA.MIT.EDU (Allen Bolderoff)
Fri Mar 13 07:18:26 1998

To: linux-security@redhat.com
In-Reply-To: Your message of "Thu, 12 Mar 1998 11:27:26 BST."
             <01IUKSJ70HB6000EGL@alpham.uni-mb.si> 
Date: Fri, 13 Mar 1998 17:27:49 +1130
From: Allen Bolderoff <allen@gist.net.au>
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com


my 2c

All of these solutions have good & bad merit, but the bottom line is this, 
whilst a user is able to create symlinks into the /tmp directory most fail.

would it be possible to tell the kernel not to follow symlinks out of the /tmp 
directory as a broad based rule?

or have the kernel create a virtual filesystem that doesn't allow 
symlinks/hardlinks?

IMHO, the only solution is going to be kernel based in this manner.

therefore if someone/thing creates a symlink, it would actually symlink to a 
chrooted filesystem that only exists within the kernel.  ie, if I do

ln -sf /etc/sendmail.cf /tmp/tmpfile.xxx

it would actually not link to .etc.sendmail.cf, but to a non existant file 
within the kernel (a chrooted virtual non useable filesystem)

just a thought.


Allen

-- 
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------

To unsubscribe: mail -s unsubscribe test-list-request@redhat.com < /dev/null


home help back first fref pref prev next nref lref last post