Bugtraq mailing list archives
Re: A vulnerability in Lynx (all versions)
From: bluca () comedia it (Luca Berra)
Date: Tue, 6 May 1997 13:57:55 +0200
Actually, for those out there running linux, someone (Andrew tridgell if i remember correctly) wrote a kernel patch to completely disable symlinks in tmp attacks. basically it does not follow any symlinks (in directories with the sticky bit set) if the owner of the link is different than the owner of the target. i think something like this should be implemented in other OSes as well. Regards Luca -- Luca Berra -- bluca () comedia it System and Network Manager - CoMedia s.r.l. PGP Public key available via finger
Current thread:
- Re: A vulnerability in Lynx (all versions) Luca Berra (May 06)