Re: hard links create local DoS vulnerability and security problems

From: Andy Lutomirski
Date: Mon Nov 24 2003 - 15:56:07 EST

Next message: Tilo Lutz: "Can't login with kernel 2.6"
Previous message: John Blackwood: "[PATCH] arch/x86_64/kernel/signal.c linux-2.6.0-test10"
In reply to: Gianni Tedesco: "Re: hard links create local DoS vulnerability and security problems"
Next in thread: Linus Torvalds: "Re: hard links create local DoS vulnerability and security problems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Valdis.Kletnieks@xxxxxx wrote:

In any case, if a user is *MAKING* a program set-UID, it's probably because
he *wants* it to run as himself even if others invoke it (otherwise, he
could just leave it in ~/bin and be happy). So this is really a red herring,
as it's only a problem if (a) he decides to get rid of the binary, and fails
to do so because of hard links he doesn't know about, or (b) he's an idiot
programmer and it malfunctions if invoked with an odd argv[0]....

Right... but non-privileged users _can't_ delete these extra links, even if they notice them from the link count. And non-idiots do make security errors -- they just fix them. But in this case, fixing the error after the fact may be impossible without root's help.

And how many package managers / install scripts check for hard links of files they're about to overwrite?

--Andy

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Tilo Lutz: "Can't login with kernel 2.6"
Previous message: John Blackwood: "[PATCH] arch/x86_64/kernel/signal.c linux-2.6.0-test10"
In reply to: Gianni Tedesco: "Re: hard links create local DoS vulnerability and security problems"
Next in thread: Linus Torvalds: "Re: hard links create local DoS vulnerability and security problems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]