Full Disclosure mailing list archives
Re: File system recursion and symlinks: A never-ending story (and how to bring it to an end for me)
From: coderman <coderman () gmail com>
Date: Mon, 30 May 2011 16:27:31 -0700
On Mon, May 30, 2011 at 6:56 AM, halfdog <me () halfdog net> wrote:
... It seems that quite a few backup applications are (or were) vulnerable to special combined symlink/timing attacks on pathname components before the last one (so O_NOFOLLOW does not help). ... Please let me know, if ... you have good reason, that the kernel interface is not the point, where this issue could be addressed most efficiently.
use lvm snapshots for backups, either directly at volume level or mounting a read-only snapshot and running backup over that static filesystem state. running backups on live filesystems? not a great idea even if these issues resolved. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- File system recursion and symlinks: A never-ending story (and how to bring it to an end for me) halfdog (May 30)
- Re: File system recursion and symlinks: A never-ending story (and how to bring it to an end for me) coderman (May 30)
- Re: File system recursion and symlinks: A never-ending story (and how to bring it to an end for me) Andrew Farmer (May 30)
- Re: File system recursion and symlinks: A never-ending story (and how to bring it to an end for me) coderman (May 30)
- Re: File system recursion and symlinks: A never-ending story (and how to bring it to an end for me) coderman (May 30)
- [Security Tool] INSECT Pro 2.6.1 is here Juan Sacco (May 30)
- Re: [Security Tool] INSECT Pro 2.6.1 is here Jeff Blaum (May 31)
- Re: [Security Tool] INSECT Pro 2.6.1 is here Peter Osterberg (May 31)
- Re: [Security Tool] INSECT Pro 2.6.1 is here ichib0d crane (May 31)
- Re: File system recursion and symlinks: A never-ending story (and how to bring it to an end for me) Andrew Farmer (May 30)
- Re: File system recursion and symlinks: A never-ending story (and how to bring it to an end for me) Valdis . Kletnieks (May 31)
- Re: File system recursion and symlinks: A never-ending story (and how to bring it to an end for me) coderman (May 30)
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Re: File system recursion and symlinks: A never-ending story (and how to bring it to an end for me) halfdog (May 31)
- Message not available
- Message not available
- Message not available
- Message not available
- Re: File system recursion and symlinks: A never-ending story (and how to bring it to an end for me) halfdog (May 31)