Full Disclosure mailing list archives
Re: FAT32 input > output = null?
From: Chris Palmer <chris () eff org>
Date: Wed, 7 Apr 2004 16:19:00 -0700
chris writes:
This also works with the 2.4.24 Linux kernel (Slackware 9.1):
It's the shell, not the kernel. When you say "./foo > ./foo", the shell interprets "> ./foo" FIRST and does something like open("foo", O_TRUNC | O_CREAT). Take a look at any Unix shell document and the open(2) man page -- this is old, known, documented behavior. It may violate the principle of least surprise, but it's not a vulnerability in the proper sense. -- Chris Palmer Staff Technologist, Electronic Frontier Foundation 415 436 9333 x124 (desk), 415 305 5842 (cell) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- FAT32 input > output = null? morning_wood (Apr 06)
- Re: FAT32 input > output = null? bipin gautam (Apr 07)
- <Possible follow-ups>
- Re: FAT32 input > output = null? chris (Apr 07)
- Re: FAT32 input > output = null? Chris Palmer (Apr 07)
- Re: FAT32 input > output = null? jamie (Apr 08)
- Re: FAT32 input > output = null? madsaxon (Apr 08)
- Re: FAT32 input > output = null? Chris Palmer (Apr 07)
- Re: FAT32 input > output = null? morning_wood (Apr 07)
- Re: FAT32 input > output = null? Nico Golde (Apr 08)
- Re: FAT32 input > output = null? Hugh Mann (Apr 07)
- Re: FAT32 input > output = null? morning_wood (Apr 07)
- Re: FAT32 input > output = null? J.A. Terranson (Apr 07)
- RE: FAT32 input > output = null? Aditya, ALD [Aditya Lalit Deshmukh] (Apr 08)
- Re: FAT32 input > output = null? morning_wood (Apr 08)
- Re: FAT32 input > output = null? Harlan Carvey (Apr 08)
- Re: FAT32 input > output = null? morning_wood (Apr 07)