oss-sec mailing list archives
Re: Re: [LightDM] Version 1.0.6 released
From: John Haxby <john.haxby () oracle com>
Date: Fri, 11 Nov 2011 10:05:40 +0000
On 11/11/11 08:06, Guido Berhoerster wrote:
Replacing the file between the lstat and the open would change its inode and then be caught by the check before the fchown, no?
Nope. There is no reason why the same inode should not be reused. On ext4 (btrfs seems to be different): $ touch test; ls -i test; rm test; touch test; ls -i test 656078 test 656078 test jch
Current thread:
- Re: [LightDM] Version 1.0.6 released Yves-Alexis Perez (Nov 02)
- Re: Re: [LightDM] Version 1.0.6 released Kurt Seifried (Nov 02)
- Re: Re: [LightDM] Version 1.0.6 released Yves-Alexis Perez (Nov 02)
- Re: Re: [LightDM] Version 1.0.6 released Kurt Seifried (Nov 02)
- Re: Re: [LightDM] Version 1.0.6 released Marc Deslauriers (Nov 09)
- Re: Re: [LightDM] Version 1.0.6 released Guido Berhoerster (Nov 10)
- Re: Re: [LightDM] Version 1.0.6 released Robert Ancell (Nov 10)
- Re: Re: [LightDM] Version 1.0.6 released Guido Berhoerster (Nov 11)
- Re: Re: [LightDM] Version 1.0.6 released John Haxby (Nov 11)
- Re: Re: [LightDM] Version 1.0.6 released Marc Deslauriers (Nov 11)
- Re: Re: [LightDM] Version 1.0.6 released Yves-Alexis Perez (Nov 22)
- Re: Re: [LightDM] Version 1.0.6 released Marc Deslauriers (Nov 22)
- Re: Re: [LightDM] Version 1.0.6 released Guido Berhoerster (Nov 22)
- Re: Re: [LightDM] Version 1.0.6 released Yves-Alexis Perez (Nov 02)
- Re: Re: [LightDM] Version 1.0.6 released Kurt Seifried (Nov 02)