Vulnerability Development mailing list archives

Re: spying (deleted) file entries in other users' directories


From: FozZy <fozzy () dmpfrance com>
Date: Sun, 23 Jun 2002 17:59:36 +0200

Bob,

Maybe I was not very clear. I am not talking about reading the contents of deleted files (which can be achieved, but only by the super-user); I am talking about an unprivileged user reading the content of a world-readable *directory file* ("cat somedir") and thus being able to see the filenames contained in the directory (which is normal behavior) but also the names of the *deleted* files (very silly example of why it can be an issue: do you want everybody to know you uploaded XXX or warez stuff someday into your home directory? ;)

FozZy
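
The behaviour described in the message above, as an added example that is not part of the original post: a small model of why a deleted name survives in the raw directory bytes. The message does not name a filesystem; the entry layout here is an assumed ext2-style one, and the block, inode numbers and file names are constructed sample data.

```python
import struct

# Assumed ext2-style entry: inode(4) rec_len(2) name_len(1) file_type(1) name, 4-byte aligned.
HDR = struct.Struct("<IHBB")

def pad4(n):
    return (n + 3) & ~3

def entry(inode, name, rec_len=0):
    raw = name.encode()
    rec_len = rec_len or pad4(HDR.size + len(raw))
    return (HDR.pack(inode, rec_len, len(raw), 1) + raw).ljust(rec_len, b"\0")

def live_entries(block):
    """Follow the rec_len chain, which is all a normal directory listing reports."""
    off = 0
    while off + HDR.size <= len(block):
        inode, rec_len, name_len, _ = HDR.unpack_from(block, off)
        if rec_len < HDR.size:
            break
        name = block[off + HDR.size: off + HDR.size + name_len].decode(errors="replace")
        yield off, inode, rec_len, name
        off += rec_len

def unlink(block, name):
    """Model deletion: the previous entry's rec_len absorbs the victim; its bytes stay."""
    block, prev = bytearray(block), None
    for off, inode, rec_len, n in live_entries(bytes(block)):
        if n == name and prev is not None:
            struct.pack_into("<H", block, prev[0] + 4, prev[2] + rec_len)
            return bytes(block)
        prev = (off, inode, rec_len)
    raise KeyError(name)

def residual_names(block):
    """Names still present in the slack between an entry's real size and its rec_len."""
    found = []
    for off, inode, rec_len, name in live_entries(block):
        pos, end = off + pad4(HDR.size + len(name.encode())), off + rec_len
        while pos + HDR.size <= end:
            ino, rl, nl, _ = HDR.unpack_from(block, pos)
            if ino and nl and pos + HDR.size + nl <= end and rl >= HDR.size + nl:
                found.append(block[pos + HDR.size: pos + HDR.size + nl].decode(errors="replace"))
                pos += pad4(HDR.size + nl)
            else:
                pos += 4
    return found

# Constructed sample: a 128-byte directory block with five entries, then one deletion.
names = [".", "..", "notes.txt", "old_upload.bin", "todo"]
body = b"".join(entry(10 + i, n) for i, n in enumerate(names[:-1]))
BLOCK = body + entry(14, "todo", 128 - len(body))
AFTER = unlink(BLOCK, "old_upload.bin")
```

The live listing of `AFTER` no longer contains the deleted name, while `residual_names(AFTER)` still returns it, which is the difference between a normal listing and the raw directory bytes that the message describes.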
