Full Disclosure mailing list archives
Re: FAT32 input > output = null?
From: jamie <jamie () arpa com>
Date: Thu, 8 Apr 2004 10:56:39 -0500
I read m.wood's post, and had to go read the OP. This is a serious vulnerability. The type as referenced Microsoft #id-10T et al, Pebkac edition.The other day, I was at the post office.. My postal person left a notice for me to pick up a package.
Big, long, slow moving line.. and this Certain Ethnic woman was on her cell phone.. talking at the top of her vocal volume, like she was on a tin can and string about 100 miles long, really annoying everyone in line.
This lady in front of me finally piped up "Will you be quiet? Take that outside."
The CE woman gave this "pissoff" look to the lady in front of me, and kept talking.
The lady turned dismissed the CE woman, and turned around to comment to me.
"Some people are just too stupid to yell at or explain why they're idiots," she said.
I agree. On 7 Apr 2004, at 18:19, Chris Palmer wrote:
chris writes:This also works with the 2.4.24 Linux kernel (Slackware 9.1):It's the shell, not the kernel. When you say "./foo > ./foo", the shellinterprets "> ./foo" FIRST and does something like open("foo", O_TRUNC |O_CREAT). Take a look at any Unix shell document and the open(2) man page -- this is old, known, documented behavior. It may violate the principle of least surprise, but it's not a vulnerability in the proper sense. -- Chris Palmer Staff Technologist, Electronic Frontier Foundation 415 436 9333 x124 (desk), 415 305 5842 (cell) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- FAT32 input > output = null? morning_wood (Apr 06)
- Re: FAT32 input > output = null? bipin gautam (Apr 07)
- <Possible follow-ups>
- Re: FAT32 input > output = null? chris (Apr 07)
- Re: FAT32 input > output = null? Chris Palmer (Apr 07)
- Re: FAT32 input > output = null? jamie (Apr 08)
- Re: FAT32 input > output = null? madsaxon (Apr 08)
- Re: FAT32 input > output = null? Chris Palmer (Apr 07)
- Re: FAT32 input > output = null? morning_wood (Apr 07)
- Re: FAT32 input > output = null? Nico Golde (Apr 08)
- Re: FAT32 input > output = null? Hugh Mann (Apr 07)
- Re: FAT32 input > output = null? morning_wood (Apr 07)
- Re: FAT32 input > output = null? J.A. Terranson (Apr 07)
- RE: FAT32 input > output = null? Aditya, ALD [Aditya Lalit Deshmukh] (Apr 08)
- Re: FAT32 input > output = null? morning_wood (Apr 08)
- Re: FAT32 input > output = null? Harlan Carvey (Apr 08)
- Re: FAT32 input > output = null? morning_wood (Apr 07)
- Re: FAT32 input > output = null? Frederic Pasteleurs (Apr 08)