[824] in linux-security and linux-alert archive
Re: [linux-security] Big security hole in kerneld's request_route
daemon@ATHENA.MIT.EDU (Zefram)
Wed Jun 19 14:43:51 1996
From: Zefram <A.Main@dcs.warwick.ac.uk>
To: linux-security@tarsier.cv.nrao.edu
Date: Mon, 17 Jun 1996 00:35:39 +0100 (BST)
In-Reply-To: <Pine.SV4.3.91.960613170946.904A-100000@top.dbd.com> from "Mark Whitis" at Jun 13, 96 05:28:28 pm
-----BEGIN PGP SIGNED MESSAGE-----
>Another method would be to create a mount option "nosymlinks", similar
>to "nosuid", and put your publicly writeable filesystems there.
Every time another security hole involving symlinks in /tmp appears,
someone suggests that we disable symlinks in /tmp somehow. A while ago
someone suggested using the setuid bit on directories for this. The
above is the best method I've seen suggested yet: it's simple, there's
no way around it, and it's easy to code (it's very similar to the nodev
option). Can someone with more time than me please implement this?
-zefram
-----BEGIN PGP SIGNATURE-----
Version: 2.6.i
iQCVAgUBMcSaH3D/+HJTpU/hAQGIggP/YLqvVr9QQuFayicxAYpER5AuZ4CRhWQl
DKz6PBqeK40qu/Em8JJ8YRrVv2oiRROrSeMSr7CaBL68pYJYwSIAVJQGd077IGRG
yVr39YPlUFROfsxrPWOQX/L/82BDwzKhwiOGVEMHwVgpSdMCB0cGer+vuivvUr5e
/WXGSywXe5A=
=hPc3
-----END PGP SIGNATURE-----
--
Andrew Main <zefram@dcs.warwick.ac.uk>