Re: security warning

Albert D. Cahalan (acahalan@cs.uml.edu)
Tue, 16 Dec 1997 12:40:19 -0500 (EST)


>> I would strongly suggest the following patch:
>> ftp://ftp.fuller.edu/Linux/symlink-attack-patch-2.1.71
>> I hope that patch gets in the kernel soon, default to "Y".
>
> Why do we want a patch breaking symbolic links and several applications?

Nobody has shown an application that breaks.

This would be 100% standards-compliant behavior:

1. The sticky bit on directories has vaguely defined behavior.
Standards tend to add "has appropriate privileges", which
is a way to say "you could be MVS or NT and do weird stuff".

2. Link creation requires undefined "access" -- owner in this case.
Again, it is a way to let strange security policies be legal.

> Fix the applications or fix the use of /tmp even better still.

That will never happen. There are too many clueless software
developers in the world. Even commercial software (no source code)
has this kind of bug.

This is like trying to fix all the stack overflows: good luck!
Maybe we should rewrite everything in Pascal to be safe.