Full Disclosure mailing list archives
Re: hard links on Linux create local DoS vulnerability and security problems
From: Jakob Lell <jlell () JakobLell de>
Date: Mon, 24 Nov 2003 19:31:19 +0100
On Monday 24 November 2003 19:17, Steven Leikeim wrote:
On Mon, Nov 24, 2003 at 05:36:29PM +0100, Jakob Lell wrote:Hello, on Linux it is possible for any user to create a hard link to a file belonging to another user. This hard link continues to exist even if the original file is removed by the owner. However, as the link still belongs to the original owner, it is still counted to his quota. If a malicious user creates hard links for every temp file created by another user, this can make the victim run out of quota (or even fill up the hard disk). This makes a local DoS attack possible.Actually, this is a problem with ALL UNIX/UNIX like systems. And has been since the beginning.To solve the problem, the kernel shouldn't allow users to create hard links to files belonging to someone else.There is a simpler solution. Place user files on a separate filesystem from system files. This includes putting all temporary files on separate filesystems of their own. (Both /tmp and /var/tmp.) Since hard links cannot cross filesystems the problem disappears. Mounting user filesystems nosuid and nodev will prevent security problems should a setuid binary appear in that filesystem.
There are still many administrators which don't do this.
Of course, this does not eliminate the first "DoS" problem noted above, but it is simple for an administrator to find where the extraneous links are and deal with the offending party.
This is no reason why it shouldn't be fixed. The victim can't solve the problem if the admin isn't available at the moment. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- hard links on Linux create local DoS vulnerability and security problems Jakob Lell (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Brian Bennett (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Michal Zalewski (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems petard (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Jakob Lell (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Valdis . Kletnieks (Nov 25)
- Re: hard links on Linux create local DoS vulnerability and security problems petard (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Zow (Nov 25)
- Re: hard links on Linux create local DoS vulnerability and security problems vb (Nov 25)
- Message not available
- Re: hard links on Linux create local DoS vulnerability and security problems Steven Leikeim (Nov 26)
- Re: hard links on Linux create local DoS vulnerability and security problems Jakob Lell (Nov 24)
- Re: Re: hard links on Linux create local DoS vulnerability and security problems Jeremiah Cornelius (Nov 26)
- Re: Re: hard links on Linux create local DoS vulnerability and security problems Peter Busser (Nov 26)
- Re: Re: hard links on Linux create local DoS vulnerability and security problems Kurt Seifried (Nov 26)
- Re: Re: hard links on Linux create local DoS vulnerability and security problems Michal Zalewski (Nov 26)
- Re: Re: hard links on Linux create local DoS vulnerability and security problems Christopher Allene (Nov 26)
- <Possible follow-ups>
- Re: hard links on Linux create local DoS vulnerability and security problems Alan J Rosenthal (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Casper Dik (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Carl Ekman (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Trent Petrasek (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Seth Breidbart (Nov 24)