Re: hard links create local DoS vulnerability and security problems

[Michael Buesch]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Monday 24 November 2003 18:57, Jakob Lell wrote:
> > > To solve the problem, the kernel shouldn't allow users to create hard
> > > links to
> > > files belonging to someone else.
> >
> > No. Users must be able to create hard links to files that belong
> > to somebody else if they are readable. It's a requirement.
>
> If this is REALLY neccessary, it might be possible to prevent hard links to
> setuid binaries.

What about _not_ modifying the mainstream-kernel behaviour,
but adding an option, to make users unable to create such hard-links,
to selinux and/or grsec?

> Regards
>  Jakob

- -- 
Regards Michael Buesch  [ http://www.tuxsoft.de.vu ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/wkw8oxoigfggmSgRArwLAJ47CAW90QtuEK+PNAlpzDf3ZBmohgCeKaGT
YKUZQRAYYnszq90a34KmH6U=
=EUOO
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/