funsec mailing list archives
Re: symlink creation (and sudo)
From: Damian Gerow <dgerow () afflictions org>
Date: Thu, 27 May 2010 14:24:41 -0400
der Mouse wrote: : Probably not. Symlinks don't point to files; they point to paths. It : is really very hard to do what you want here. Cnsider: : : % pwd : /home/mouse : % mkdir -p foo/bar : % cd foo/bar : % mkdir etc : % echo hello > etc/passwd : % mkdir -p home/mouse/king : % ln -s ../../../etc/passwd home/mouse/king/bob : : So far, everything has been totally sane: all my own files and : directories, all perfectly reasonable. But now: : : % mv home/mouse/king ~ : : Suddenly the file the bob symlink - now accessible as king/bob from my : homedir - points to is the real /etc/passwd. Ah, I hadn't thought of that scenario. Alright, I see what Valdis was driving at (voodoo security and MAC) now. Thanks! _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- symlink creation (and sudo) Damian Gerow (May 27)
- Re: symlink creation (and sudo) Bill Weiss (May 27)
- Re: symlink creation (and sudo) Valdis . Kletnieks (May 27)
- Re: symlink creation (and sudo) Damian Gerow (May 27)
- Re: symlink creation (and sudo) Valdis . Kletnieks (May 27)
- Re: symlink creation (and sudo) Damian Gerow (May 27)
- Re: symlink creation (and sudo) der Mouse (May 27)
- Re: symlink creation (and sudo) Damian Gerow (May 27)