Re: hard links create local DoS vulnerability and security proble

From: Mathieu Chouquet-Stringer
Date: Mon Nov 24 2003 - 14:29:06 EST

Next message: mp3project: "2.6.0-test10 : compile error in /fs/proc/array.c"
Previous message: Andrew Morton: "Re: [BUG]Missing i_sb NULL pointer check in destroy_inode()"
In reply to: Valdis . Kletnieks: "Re: hard links create local DoS vulnerability and security problems"
Next in thread: Valdis . Kletnieks: "Re: hard links create local DoS vulnerability and security proble"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Valdis.Kletnieks@xxxxxx writes:
> mkdir ~/bin
> chmod 700 ~/bin
> cat > ~/bin/show-me
> #!/bin/sh
> whoami
> ^D
> chmod 4755 ~/bin/show-me
>
> No separate partitions needed.

It's always been my understanding that you cannot have suid shell script
because you could easily change the IFS. Am i wrong? (

--
Mathieu Chouquet-Stringer E-Mail : mathieu@xxxxxxxxxxx
Never attribute to malice that which can be adequately
explained by stupidity.
-- Hanlon's Razor --
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: mp3project: "2.6.0-test10 : compile error in /fs/proc/array.c"
Previous message: Andrew Morton: "Re: [BUG]Missing i_sb NULL pointer check in destroy_inode()"
In reply to: Valdis . Kletnieks: "Re: hard links create local DoS vulnerability and security problems"
Next in thread: Valdis . Kletnieks: "Re: hard links create local DoS vulnerability and security proble"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]