Bugtraq mailing list archives
Re: hard links on Linux create local DoS vulnerability and security problems
From: "David F. Skoll" <dfs () roaringpenguin com>
Date: Mon, 24 Nov 2003 13:57:12 -0500 (EST)
On Mon, 24 Nov 2003, Bruno Lustosa wrote:
Just checked this on 2.6.0-test9, and it will not work.
[Keeping SUID bits by making a hard link.] This is true even on ancient version of Linux and UNIX. A hard link just contains a name and an inode number. The permissions are stored in the inode, so all hard links share the same permissions, owner, etc. -- David.
Current thread:
- hard links on Linux create local DoS vulnerability and security problems Jakob Lell (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Brian Bennett (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Bruno Lustosa (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems David F. Skoll (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Steven Leikeim (Nov 24)
- Re: [Full-Disclosure] hard links on Linux create local DoS vulnerability and security problems Michal Zalewski (Nov 24)
- <Possible follow-ups>
- Re: hard links on Linux create local DoS vulnerability and security problems Alan J Rosenthal (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Carl Ekman (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Casper Dik (Nov 24)