[8003] in bugtraq
Filesystem DoS on SCO Openserver 5
daemon@ATHENA.MIT.EDU (Tim Kutergin)
Mon Sep 21 17:02:06 1998
Date: Mon, 21 Sep 1998 14:56:32 +0400
Reply-To: Tim Kutergin <tim@INFORIS.RU>
From: Tim Kutergin <tim@INFORIS.RU>
To: BUGTRAQ@NETSPACE.ORG
Hi All !
It seems that I have been hit by bug in HTFS filesystem on SCO
Openserver 5. The problem is that You could do unlink("..") and this
operation will be successful (if You have permissions) corrupting
filesystem. I have discovered this anomaly when investigating constant
system crashes when users were deleting mailboxes in Cyrus imap server
1.5.2 There was bad code in imapd that was trying to delete ".." when
removing mailbox (newer versions of imapd are fixed). So usual user may
severely damage filesystem by doing unlink("..") in subdirectories, where
hi has permissions to do this. I had reported this bug to SCO, but they
replied that I have problems with hardware.
Sorry for bad English
Timofey
