| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 25 Nov 2003 20:32:45 +0300 From: 3APA3A <3APA3A@...URITY.NNOV.RU> To: Bruno Lustosa <bruno@...tosa.net> Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com Subject: Re[2]: hard links on Linux create local DoS vulnerability and security problems Dear Bruno Lustosa, --Monday, November 24, 2003, 9:25:37 PM, you wrote to bugtraq@...urityfocus.com: BL> Just checked this on 2.6.0-test9, and it will not work. BL> When you create a hard link to a setuid or any other file, it will BL> inherit the same owner and mode of the original. However, if the BL> original file is changed (owner, group, mode, or content), the link will BL> reflect those changes as well. No, if original file is removed and new one is created with same name. -- ~/ZARAZA Да, ему чертовски повезло. Эх и паршиво б ему пришлось если бы он выжил! (Твен) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists