[21241] in bugtraq
Re: smbd remote file creation vulnerability
daemon@ATHENA.MIT.EDU (Steve Beattie)
Thu Jun 28 16:18:58 2001
Date: Wed, 27 Jun 2001 17:10:03 -0700
From: Steve Beattie <steve@wirex.net>
To: bugtraq@securityfocus.com
Message-ID: <20010627171003.A25215@wirex.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20010627004252.A6280@wiggy.net>; from wichert@wiggy.net on Wed, Jun 27, 2001 at 12:42:52AM +0200
On Wed, Jun 27, 2001 at 12:42:52AM +0200, Wichert Akkerman wrote:
> Previously Pavol Luptak wrote:
> > Linux kernels with openwall patch (with restricted links in /tmp) are
> > imunne to this type of attack (following symlinks does not work, link
> > owner does not match with file's owner).
>
> If symlink don't work you can still use a hardlink though.
Note that the same option in the OpenWall patch also prevents the creation
of hardlinks to files that you don't own.
--
Steve Beattie Don't trust programmers?
<steve@wirex.net> Complete StackGuard distro at
http://immunix.org/~steve/ immunix.org
