[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 24 Nov 2003 19:38:38 +0100
From: Carl Ekman <calle@...ig.nu>
To: flaps@....toronto.edu (Alan J Rosenthal),
bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com
Subject: Re: hard links on Linux create local DoS vulnerability and security problems
Since many systems have /tmp on the root filesystem /tmp could also be used to
link to setuid binaries.
> The link to setuid programs is more of concern except that it won't be able
> to happen unless you have setuid-root programs in a home directory
> partition, which sounds bad anyway.
Powered by blists - more mailing lists