Full Disclosure mailing list archives
Re: hard links on Linux create local DoS vulnerability and security problems
From: "I.R.van Dongen" <vdongen () hetisw nl>
Date: Tue, 25 Nov 2003 08:53:15 +0100
On Mon, 24 Nov 2003 12:45:04 -0500 flaps () dgp toronto edu (Alan J Rosenthal) wrote:
Furthermore, users can even create links to a setuid binary.Only if it's on the same partition. This is just one of a huge number of reasons you shouldn't allow users to write to your root or /usr partitions.
That's why I dislike the fbsd default to put /home on /usr/home if there is no /home partition. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Re: hard links on Linux create local DoS vulnerability and security problems, (continued)
- Re: Re: hard links on Linux create local DoS vulnerability and security problems Jeremiah Cornelius (Nov 26)
- Re: Re: hard links on Linux create local DoS vulnerability and security problems Peter Busser (Nov 26)
- Re: Re: hard links on Linux create local DoS vulnerability and security problems Kurt Seifried (Nov 26)
- Re: Re: hard links on Linux create local DoS vulnerability and security problems Michal Zalewski (Nov 26)
- Re: Re: hard links on Linux create local DoS vulnerability and security problems Christopher Allene (Nov 26)
- Re: Re: hard links on Linux create local DoS vulnerability and security problems Jeremiah Cornelius (Nov 26)
- Re: hard links on Linux create local DoS vulnerability and security problems Alan J Rosenthal (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Casper Dik (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Carl Ekman (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Trent Petrasek (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems Seth Breidbart (Nov 24)
- Re: hard links on Linux create local DoS vulnerability and security problems I.R.van Dongen (Nov 25)
- Re: hard links on Linux create local DoS vulnerability and security problems Bob Beck (Nov 25)