| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <E1NCuz4-00010e-Ch@pomaz-ex.szeredi.hu> Date: Tue, 24 Nov 2009 13:59:06 +0100 From: Miklos Szeredi <miklos@...redi.hu> To: Pavel Machek <pavel@....cz> CC: miklos@...redi.hu, jlayton@...hat.com, jamie@...reable.org, ebiederm@...ssion.com, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, viro@...IV.linux.org.uk Subject: Re: [PATCH 0/3] vfs: plug some holes involving LAST_BIND symlinks and file bind mounts (try #5) On Tue, 24 Nov 2009, Pavel Machek wrote: > I believe that current semantics is ugly enough that 'documenting' it > is not enough... and people want to port from other systems, too, not > expecting nasty surprises like this... This hasn't been a problem for the last 12 years, and still we don't see script kiddies exploiting this hole and sysadmins hurrying to secure their system, even though it has been public for quite a while. Why? The reason might be, that there *is no* violation of security. See this: the surprise isn't that an inode can be reached from multiple paths, that has been possible with hard links for as long as unix lived. The suprise is that the inode can be reached through proc. So this "hole" that has been opened about 12 years ago in linux is quite well known. Only this particular aspect of it isn't well known, but that doesn't mean it's not right, does it? Thanks, Miklos -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists