again security proposal

Yuri Kuzmenko (yuri@cs.cracksoft.kiev.ua)
Mon, 29 Dec 1997 11:55:05 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Gordon Chaffee: "Re: msdos fs cd ..."
Previous message: Boris Tobotras: "Re: Default character set of the Linux console"
Next in thread: Alan Cox: "Re: again security proposal"
Reply: Alan Cox: "Re: again security proposal"
Reply: =?ISO-8859-1?Q?Johan_Myr=E9en?=: "Re: again security proposal"

I have some security proposal. Hardlinks in given filesystem can created by any
user. Well known hardlink attack ($ ln /etc/passwd ~/.somestuff; # chown user
/home/user -R; $ vi ~/.somestuff) now maybe done by any user. Any sysadmin
can't remember all her security "holes" (i.e. some chown user.group ... -R in
system crontabs). I think that we must _CHECK_ permissions for files before
make hardlink. If this conflicts with some standards, maybe needed to make this
configurable.

Next message: Gordon Chaffee: "Re: msdos fs cd ..."
Previous message: Boris Tobotras: "Re: Default character set of the Linux console"
Next in thread: Alan Cox: "Re: again security proposal"
Reply: Alan Cox: "Re: again security proposal"
Reply: =?ISO-8859-1?Q?Johan_Myr=E9en?=: "Re: again security proposal"