[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200311242123.45090.jlell@JakobLell.de>
From: jlell at JakobLell.de (Jakob Lell)
Subject: hard links on Linux create local DoS vulnerability and security problems
On Monday 24 November 2003 20:59, petard wrote:
> On Mon, Nov 24, 2003 at 07:58:17PM +0100, Michal Zalewski wrote:
> > But yes, hardlinks introduce a whole array of security problems and other
> > brain-damage scenarios (a trivia: what happens if you create a hardlink
> > to /usr/bin/passwd in /tmp? 1: you cannot remove it; 2: if you name it
> > 'r00tshell', the administrator would have a a heart attack upon spotting
> > a root-owned setuid binary in /tmp). This is hardly new - you can Google
> > for some BUGTRAQ discussions and such back in the '99 or so - but should
> > be brought up once in a while.
>
> If the administrator is worth her salary, you will be unable to create
> that hardlink because /usr/bin/passwd and /tmp will be on different
> partitions. This entire issue is more of a configuration issue than a
> Linux issue. You should never configure a multiuser system such that
> users can write to partitions which contain suid binaries.
Hello,
putting everything on one single partition is the default for some Linux
distribution (i.e. SuSE). So many systems aren't secure by default. It's
obvious that a good administrator won't do this but when it's set up like
this it's hard to change it later without downtime. Furthermore, it's
difficult to know in advance how much disk space one directory will need
later.
Regards
Jakob
Powered by blists - more mailing lists