Re: hard links create local DoS vulnerability and security problems

From: Måns Rullgård
Date: Mon Nov 24 2003 - 17:13:10 EST

Next message: Hans Reiser: "Reiser4: latest snapshot is less stable than before"
Previous message: J.A. Magallon: "Re: Linux 2.4.23-rc4"
In reply to: John Bradford: "Re: hard links create local DoS vulnerability and security problems"
Next in thread: John Bradford: "Re: hard links create local DoS vulnerability and security problems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

John Bradford <john@xxxxxxxxxxxx> writes:

>> Right... but non-privileged users _can't_ delete these extra links, even
>> if they notice them from the link count.
>
> They can truncate the file to zero length, though, then delete the
> 'original' link, making all of the other links point to the zero
> length file.

It could be tricky to find those extra links if the original has been
deleted, of course.

--
Måns Rullgård
mru@xxxxxx

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Hans Reiser: "Reiser4: latest snapshot is less stable than before"
Previous message: J.A. Magallon: "Re: Linux 2.4.23-rc4"
In reply to: John Bradford: "Re: hard links create local DoS vulnerability and security problems"
Next in thread: John Bradford: "Re: hard links create local DoS vulnerability and security problems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]