Bugtraq mailing list archives
nosymfollow Re: SSH allows deletion of other users files...
From: Jan Grant <Jan.Grant () bristol ac uk>
Date: Wed, 6 Jun 2001 09:51:10 +0100 (BST)
On Mon, 4 Jun 2001, zen-parse wrote:
[zen@clarity zen]$ rm -r /tmp/ssh-XXW9hNY9/; ln -s / /tmp/ssh-XXW9hNY9
For a long time now I've been mounting /tmp with the "nosymfollow" option (FreeBSD) - nothing seems to be broken by this, apart from a whole slew of these kinds of bugs :-) Apologies for pointing out the obvious; this mount option seems really useful. jan (expecting a flood of "but it breaks this" mail now) -- jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/ Tel +44(0)117 9287163 Fax +44 (0)117 9287112 RFC822 jan.grant () bris ac uk YKYBPTMRogueW... you try to move diagonally in vi.
Current thread:
- Re: SSH allows deletion of other users files..., (continued)
- Re: SSH allows deletion of other users files... Markus Friedl (Jun 05)
- Re: SSH allows deletion of other users files... aleph1 (Jun 05)
- Re: SSH allows deletion of other users files... David F. Skoll (Jun 04)
- Re: SSH allows deletion of other users files... sarnold (Jun 05)
- Re: SSH allows deletion of other users files... Markus Friedl (Jun 04)
- Re: SSH / X11 auth: needless complexity -> security problems? Peter W (Jun 05)
- Re: SSH / X11 auth: needless complexity -> security problems? Markus Friedl (Jun 08)
- Re: SSH / X11 auth: needless complexity -> security problems? Theo de Raadt (Jun 10)
- Message not available
- Message not available
- Re: SSH / X11 auth: needless complexity -> security problems? Dale Southard (Jun 08)
- Re: SSH / X11 auth: needless complexity -> security problems? Casper Dik (Jun 10)
- Re: SSH allows deletion of other users files... sarnold (Jun 05)