Re: Odd filesystem permission handling

Wakko Warner (wakko@animx.eu.org)
Sat, 19 Jun 1999 09:15:19 -0400


> >> This must be stopped:
> >>
> >> ln /etc/passwd ~/passwd
> >> chown user.group ~/passwd
> >
> > doesn't work:
>
> Yes, because Linux prevents operation 2.
> It would be more logical (but less traditional)
> to prevent operation 1 instead.
>
> For now, I'd prefer to prevent both operations.
> It is unsafe to allow operation 2 without getting
> rid of old kernels and evil links.

I would agree on the first... But maybe it should be for files that are
suid/sgid. I remember when there was the "Sendmail hole of the week" going
on. Someone could just:
cd /tmp
ln /usr/lib/sendmail .sendmail

And when the admin upgraded, the hole was still there. (Made me glad /usr
was on another fs!)

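An added example, not part of the original message: a shell audit for the stray-link case described above, run against a constructed scratch directory. It shows that the link-count check only catches the stray name before the upgrade; afterwards only its location gives it away. The function names, the `mailer` file names and the directory layout are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: constructed data, hypothetical function names.

# Print "inode path" for every set-uid/set-gid regular file under $1 that has
# more than one name. Hard links cannot cross filesystems, so -xdev keeps the
# scan on the filesystem that can actually hold the extra names.
suid_multi_linked() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -links +1 \
        -exec ls -di {} + | sort -n
}

# Print every set-uid/set-gid regular file under $1 that is not below the
# expected directory $2. Once an upgrade has replaced the original path, the
# stray name has link count 1 again, so this check is the one that finds it.
suid_outside() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
        ! -path "$2/*" -print
}

# Constructed scenario: an "installed" set-uid file, a stray hard link to it,
# then an upgrade that renames a new file over the installed path.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/lib" "$d/tmp"
    echo old > "$d/lib/mailer"
    chmod 4755 "$d/lib/mailer"
    ln "$d/lib/mailer" "$d/tmp/.mailer"

    # Before the upgrade both names share one inode with link count 2.
    before=$(suid_multi_linked "$d" | wc -l | tr -d ' ')

    echo new > "$d/lib/mailer.new"
    chmod 4755 "$d/lib/mailer.new"
    mv "$d/lib/mailer.new" "$d/lib/mailer"   # upgrade by rename

    # After the upgrade the old inode survives under the stray name only.
    after=$(suid_multi_linked "$d" | wc -l | tr -d ' ')
    stray=$(suid_outside "$d" "$d/lib")
    content=$(cat "$d/tmp/.mailer")

    echo "$before $after ${stray#"$d"} $content"
    rm -rf "$d"
}

demo   # prints: 2 0 /tmp/.mailer old
```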