[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Re: hard links on Linux create local DoS vulnerability and security problems

To: full-disclosure@lists.netsys.com, bugtraq@securityfocus.com
Subject: Re: [Full-Disclosure] Re: hard links on Linux create local DoS vulnerability and security problems
From: Christopher Allene <cwis@nerim.fr>
Date: Thu, 27 Nov 2003 02:57:59 +0100

Jeremiah Cornelius (jeremiah@nur.net) wrote on 2003-11-26 at 14:18:
> And a mandatory system profile in /etc , which aliases ln as 'ln -s' might 
> help.  One for each valid shell.

How would such an approach avoid people calling symlink(2) or
unalias/whatever ?

Seems as good as security through obscurity to me.

-- 
Christopher Allène

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] hard links on Linux create local DoS vulnerability and security problems
  - From: Jakob Lell <jlell@JakobLell.de>
- [Full-Disclosure] Re: hard links on Linux create local DoS vulnerability and security problems
  - From: Steven Leikeim <steven@enel.ucalgary.ca>
- Re: [Full-Disclosure] Re: hard links on Linux create local DoS vulnerability and security problems
  - From: Jeremiah Cornelius <jeremiah@nur.net>

Prev by Date: Re: [Full-Disclosure] IDS (ISS) and reverse engineering
Next by Date: [Full-Disclosure] SRT2003-TURKEY-DAY - *novelty* - detecttr.c Trace Route detection vulnerability
Previous by thread: Re: [Full-Disclosure] Re: hard links on Linux create local DoS vulnerability and security problems
Next by thread: [Full-Disclosure] os x 10.2.x has 8 character password limit
Index(es):
- Date
- Thread