| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 13 Mar 2007 23:38:02 +0300 From: 3APA3A <3APA3A@...URITY.NNOV.RU> To: Daniel Hazelton <dhazelton@...er.net> Cc: bugtraq@...urityfocus.com, "Steven M. Christey" <coley@...re.org> Subject: Re[2]: Microsoft Windows Vista/2003/XP/2000 file management security issues Dear Daniel Hazelton, --Tuesday, March 13, 2007, 8:29:39 PM, you wrote to bugtraq@...urityfocus.com: DH> I haven't used Vista at all, but from reading the MS documentation about the DH> new version of NTFS that it uses it appears that Unix style symlinks are DH> supported. (From what I can tell they've been possible since the start, just DH> not implemented) DH> So for any WIndows system that shares the new NTFS code with Vista this is a DH> valid vuln. Although I'm not positive about whether MS actually released DH> tools along with Vista to use this feature, I'm more than certain that it DH> does exist. (However, this may be a moot point. MS might still flag a DH> cross-reference like a Unix-style symlink as a filesystem error) Yes, Vista supports Unix-style symlinks and there is "mklink". By default, only member of administrators group can create ones and this policy should never be changed. So, again, there is no symlink vulnerability in it's classic way in default configuration. Only if you change symlink policy, you get security hole. In terms of Unix, you'll get system with commonly used /tmp and without mkstemp() ever used. -- ~/ZARAZA http://securityvulns.com/
Powered by blists - more mailing lists