| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 3 Oct 2012 19:58:34 -0400 From: Theodore Ts'o <tytso@....edu> To: Matthias Schniedermeyer <ms@...d.de> Cc: Kees Cook <kees@...flux.net>, Nick Bowler <nbowler@...iptictech.com>, Linus Torvalds <torvalds@...ux-foundation.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org> Subject: Re: Linux 3.6 On Thu, Oct 04, 2012 at 12:23:41AM +0200, Matthias Schniedermeyer wrote: > Personally i would have been bitten by this change, because for years i > have used a symlink in /tmp (which has the sticky bit) to a directory > somewhere else for historical reasons. But as i was aware of this change > i fixed my system before booting the new kernel. As long as you own the symlink, it wouldn't be a problem. The problem comes when the symlink is owned by some user such as "untrusted_daemon", which could change where the symlink could point at any any time --- or could create a new symlink where none had previously existed in some world-writeable directory such as /tmp. Now you try to use that symlink, assuming that it points to *foo*, when in fact it now points to *bar*, and hilarity ensues... - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists