Re: security warning

Matthias Urlichs (
18 Dec 1997 23:55:43 +0100

Jeffrey Hundstad <> writes:
> Isn't this JUST the kind of thing that belongs as a switch in /proc/sys
> somewhere?
IMHO the right fix is the symlink protection patch, i.e. do not follow a
symlink if the directory which has the symlink has its t bit set unless
you're the owner of the symlink.

That should fix all those nasty "duh, my creat("/tmp/fubar.012345") deleted
/etc/passwd" holes.

Matthias Urlichs
noris network GmbH