[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Re: hard links on Linux create local DoS vulnerability and security problems

To: flaps@dgp.toronto.edu (Alan J Rosenthal), bugtraq@securityfocus.com, full-disclosure@lists.netsys.com
Subject: [Full-Disclosure] Re: hard links on Linux create local DoS vulnerability and security problems
From: Carl Ekman <calle@gosig.nu>
Date: Mon, 24 Nov 2003 19:38:38 +0100

Since many systems have /tmp on the root filesystem /tmp could also be used to 
link to setuid binaries.

> The link to setuid programs is more of concern except that it won't be able
> to happen unless you have setuid-root programs in a home directory
> partition, which sounds bad anyway.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- [Full-Disclosure] Re: hard links on Linux create local DoS vulnerability and security problems
  - From: Trent Petrasek <tpetrasek@internap.com>

References:
- [Full-Disclosure] Re: hard links on Linux create local DoS vulnerability and security problems
  - From: "Alan J Rosenthal" <flaps@dgp.toronto.edu>

Prev by Date: [Full-Disclosure] Re: hard links on Linux create local DoS vulnerability and security problems
Next by Date: RE: [Full-Disclosure] HTTP request with SMTP message
Previous by thread: [Full-Disclosure] Re: hard links on Linux create local DoS vulnerability and security problems
Next by thread: [Full-Disclosure] Re: hard links on Linux create local DoS vulnerability and security problems
Index(es):
- Date
- Thread