lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200311242123.45090.jlell@JakobLell.de>
From: jlell at JakobLell.de (Jakob Lell)
Subject: hard links on Linux create local DoS vulnerability and security problems

On Monday 24 November 2003 20:59, petard wrote:
> On Mon, Nov 24, 2003 at 07:58:17PM +0100, Michal Zalewski wrote:
> > But yes, hardlinks introduce a whole array of security problems and other
> > brain-damage scenarios (a trivia: what happens if you create a hardlink
> > to /usr/bin/passwd in /tmp? 1: you cannot remove it; 2: if you name it
> > 'r00tshell', the administrator would have a a heart attack upon spotting
> > a root-owned setuid binary in /tmp). This is hardly new - you can Google
> > for some BUGTRAQ discussions and such back in the '99 or so - but should
> > be brought up once in a while.
>
> If the administrator is worth her salary, you will be unable to create
> that hardlink because /usr/bin/passwd and /tmp will be on different
> partitions. This entire issue is more of a configuration issue than a
> Linux issue. You should never configure a multiuser system such that
> users can write to partitions which contain suid binaries.
Hello,
putting everything on one single partition is the default for some Linux 
distribution (i.e. SuSE). So many systems aren't secure by default. It's 
obvious that a good administrator won't do this but when it's set up like 
this it's hard to change it later without downtime. Furthermore, it's 
difficult to know in advance how much disk space one directory will need 
later.
Regards
 Jakob


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ