> thoth@purplefrog.com wrote:
>
> > I wonder if you can unlink this entry after you've mounted it. Of course
>> ,
> > if your /tmp is on a read-only filesystem you would have to already have
> > such an entry and you certainly couldn't unmount it.
>
> I don't have trouble mounting or unmounting (using mount 2.6b) just
> because the mount point is on a read-only filesystem.
Duh, I meant to say "certainly couldn't UNLINK it", it being the
/tmp/dev-ram. Of course, if /tmp/ is read-only, you have other problems :)
> On Mon, 24 Mar 1997 thoth@purplefrog.com wrote:
>
> Sure, you can unlink any file once it is opened. But it won't be going
> anywhere until closed.
Yes. Those of you who weren't paying attention wake up and read what the
man said. The inode may be totally unlinked, but as long as there's a file
descriptor using it, it's still there (but I don't know of any way to link it
back into the filesystem). There are a handful of techniques used in security
breaching attacks that use this fact to their advantage.
> ** Those who send MAKE.MONEY.QUICK mail, should be sent to Albania. **
What makes you think Albania wants them or even deserves them?
---
Bob Forsman thoth@gainesville.fl.us
http://www.gainesville.fl.us/~thoth/