Bugtraq mailing list archives
Re: Announcement: Phrack 52
From: okir () CALDERA DE (Olaf Kirch)
Date: Wed, 28 Jan 1998 11:00:22 +0100
Hi, There's a Linux kernel patch floating on the net, and now has been published in Phrack, that is supposed to make /tmp directories more secure. In particular, it claims to keep users from creating hard links in +t directories. However the patch does not protect the rename call, so the following should give you a hardlink to passwd in /tmp: mkdir /tmp/foo (no sticky bit on foo) ln /etc/passwd /tmp/foo mv /tmp/{foo/,}passwd Cheers Olaf
Current thread:
- Re: pnserver exploit.., (continued)
- Re: pnserver exploit.. Donald van de Weyer (Jan 21)
- (AUSCERT ESB-98.009) CERT Advisory CA-98.02 - Vulnerabilities in Grant Beattie (Jan 21)
- Q179148: Settings May Not Be Applied with URL with Short Filename Aleph One (Jan 23)
- CDE: dtappgather on AIX Marcin Cieslak (Jan 25)
- Simple OpenBSD crash script Jason Downs (Jan 25)
- Re: Simple OpenBSD crash script GvS One (Jan 28)
- Quake 2 Linux kevingeo () CRUZIO COM (Jan 25)
- Re: Quake 2 Linux Greg Alexander (Jan 27)
- Announcement: Phrack 52 route () RESENTMENT INFONEXUS COM (Jan 26)
- Microsoft responds to bug in Exchange Server Tony Hagale (Jan 27)
- Re: Announcement: Phrack 52 Olaf Kirch (Jan 28)
- KSR[T] Advisory #7: filter KSR[T] (Jan 29)
- Bug in IMail's pop3d32.exe RHS Linux User (Jan 29)
- Secure Linux patch Solar Designer (Jan 29)
- Gaining Domain Admins access on LAN (fwd) Weld Pond (Jan 28)
- GZEXE - the big problem Micha? Zalewski (Jan 28)