Bugtraq mailing list archives

Re: /proc filesystem allows bypassing directory permissions on Linux

From: Pavel Kankovsky <peak () argo troja mff cuni cz>
Date: Mon, 26 Oct 2009 12:24:03 +0100 (CET)

On Sun, 25 Oct 2009, Pavel Kankovsky wrote:

pavel might have detected this attack if he checked the number of
hardlinks on "unwritable_file"  between the chmod's. But he did not
check that.


I stand corrected. He did it--in a comment:

# check link count on unwritable_file. We would not want someone 
# to have a hard link to work around our permissions, would we?


-- 
Pavel Kankovsky aka Peak                          / Jeremiah 9:21        \
"For death is come up into our MS Windows(tm)..." \ 21st century edition /

Current thread:

Re: /proc filesystem allows bypassing directory permissions on Linux, (continued)
- - - Re: /proc filesystem allows bypassing directory permissions on Linux Anton Ivanov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Anton Ivanov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Anton Ivanov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 29)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Ivan Jager (Oct 28)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Klaus Lichtenwalder (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Daryl Tester (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Kankovsky (Oct 26)
  - Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Kankovsky (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Tony Finch (Oct 26)
  - Re: /proc filesystem allows bypassing directory permissions on Linux Matthew Dempsky (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Tony Finch (Oct 27)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Matthew Dempsky (Oct 28)
    - Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 28)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Glynn Clements (Oct 29)
  - Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 27)
  - Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 27)
- Re: Re: /proc filesystem allows bypassing directory permissions on Linux nomail (Oct 26)
  - Re: /proc filesystem allows bypassing directory permissions on Linux Kinzel, David (Oct 26)

(Thread continues...)