Re: hard links create local DoS vulnerability and security problems

From: John Bradford
Date: Mon Nov 24 2003 - 17:01:42 EST

Next message: J.A. Magallon: "Re: Linux 2.4.23-rc4"
Previous message: Linus Torvalds: "Re: What exactly are the issues with 2.6.0-test10 preempt?"
In reply to: Ricky Beam: "Re: hard links create local DoS vulnerability and security problems"
Next in thread: Måns Rullgård: "Re: hard links create local DoS vulnerability and security problems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Quote from Andy Lutomirski <luto@xxxxxxxxxxxxx>:
>
>
> Valdis.Kletnieks@xxxxxx wrote:
>
> >
> > In any case, if a user is *MAKING* a program set-UID, it's probably because
> > he *wants* it to run as himself even if others invoke it (otherwise, he
> > could just leave it in ~/bin and be happy). So this is really a red herring,
> > as it's only a problem if (a) he decides to get rid of the binary, and fails
> > to do so because of hard links he doesn't know about, or (b) he's an idiot
> > programmer and it malfunctions if invoked with an odd argv[0]....
>
> Right... but non-privileged users _can't_ delete these extra links, even
> if they notice them from the link count.

They can truncate the file to zero length, though, then delete the
'original' link, making all of the other links point to the zero
length file.

John.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: J.A. Magallon: "Re: Linux 2.4.23-rc4"
Previous message: Linus Torvalds: "Re: What exactly are the issues with 2.6.0-test10 preempt?"
In reply to: Ricky Beam: "Re: hard links create local DoS vulnerability and security problems"
Next in thread: Måns Rullgård: "Re: hard links create local DoS vulnerability and security problems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]