| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1049712420.14054.4.camel@laptop.fenrus.com> From: arjanv at redhat.com (Arjan van de Ven) Subject: Syscall implementation could lead to whether or not a file exists On Wed, 2003-04-02 at 21:19, Andrew Griffiths wrote: > Product: Linux and various other kernels > Tested: > - RedHat kernel 2.4.18-26.7.x (second latest ;)) > - RedHat kernel 2.4.18-27.7.x > - Debian 3.0 box > - FreeBSD 4.4 > > Description: > > Due to the implementation of various system calls, it becomes > possible to test whether or not a file exists in a directory > that is unreadable. .. by calling lstat(2). Ability to do lookup is controlled by _exec_ permissions, not read ones. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030407/9ae4cf09/attachment.bin
Powered by blists - more mailing lists