[32560] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: hard links on Linux create local DoS vulnerability and security problems

daemon@ATHENA.MIT.EDU (Carl Ekman)
Mon Nov 24 15:23:00 2003

From: Carl Ekman <calle@gosig.nu>
To: flaps@dgp.toronto.edu (Alan J Rosenthal), bugtraq@securityfocus.com,
        full-disclosure@lists.netsys.com
Date: Mon, 24 Nov 2003 19:38:38 +0100
In-Reply-To: <20031124174512.76AD94F85A@atlas.dgp.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-15"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200311241938.38200.calle@gosig.nu>

Since many systems have /tmp on the root filesystem /tmp could also be used to 
link to setuid binaries.

> The link to setuid programs is more of concern except that it won't be able
> to happen unless you have setuid-root programs in a home directory
> partition, which sounds bad anyway.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[32560] in bugtraq

Re: hard links on Linux create local DoS vulnerability and security problems

daemon@ATHENA.MIT.EDU (Carl Ekman)Mon Nov 24 15:23:00 2003

daemon@ATHENA.MIT.EDU (Carl Ekman)
Mon Nov 24 15:23:00 2003