Re: security warning

t0mmy (t0mmy@news.mobis.com)
Tue, 16 Dec 1997 11:46:15 -0600 (GMT+6)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Stefan Monnier: "Re: Conditional SymLinks"
Previous message: Andrzej M. Krzysztofowicz: "Some 2.1.72 patches"
In reply to: Albert D. Cahalan: "security warning"
Next in thread: Chris Wedgwood: "Re: security warning"

There's been a lot of discussion about this already, pay attention. It is
not a sure thing, it's easy to get around i've been told, and many
complain that it breaks unix standards. ie: the symlink in /tmp shit..

**********************************************************************
* Michael Freeman - UNIX/Network Engineer - Mobile Internet Services *
* www.mobis.com/~mfreeman - mfreeman@mobis.com >8) *
**********************************************************************
* "/earth is 98% full ... please delete anyone you can." *
**********************************************************************

On Tue, 16 Dec 1997, Albert D. Cahalan wrote:

> I suspect nearly everybody has a security hole on their system.
> (some of you can guess... please wait a few weeks)
> I would strongly suggest the following patch:
> ftp://ftp.fuller.edu/Linux/symlink-attack-patch-2.1.71
> I hope that patch gets in the kernel soon, default to "Y".
>

Next message: Stefan Monnier: "Re: Conditional SymLinks"
Previous message: Andrzej M. Krzysztofowicz: "Some 2.1.72 patches"
In reply to: Albert D. Cahalan: "security warning"
Next in thread: Chris Wedgwood: "Re: security warning"