Bugtraq mailing list archives
Re: Linux kernel filesystem oddities
From: jhutz+ () cmu edu (Jeffrey Hutzelman)
Date: Thu, 9 Jul 1998 15:56:59 -0400
Owners are stored in i-nodes. Directory entries are nothing but (filename, i-node number) pairs. link("publicly-visible-file", "world-writable-directory/blah") is as anonymous as write(open("/world-writable-file", O_WRONLY), "blah", 4)
True. However, one might argue that the former should fail with EPERM, unless you happen to own "publicly-visible-file". In fact, I thought I saw a patch go through here a while back that did exactly that, if "world-writable-directory" was also sticky. In general, publicly-writable directories are a bad thing. They are the cause (or at least part of the cause) of numerous vulnerabilites, most much worse than the DoS attack described here. -- Jeffrey T. Hutzelman (N3NHS) <jhutz+ () cmu edu> Systems Programmer School of Computer Science - Research Computing Facility Carnegie Mellon University - Pittsburgh, PA
Current thread:
- SmurfLog 1.0 Bug Lord (Jul 03)
- Linux kernel filesystem oddities Michal Zalewski (Jul 05)
- sentry Paul Boehm (Jul 08)
- Re: Linux kernel filesystem oddities Pavel Kankovsky (Jul 08)
- Re: Linux kernel filesystem oddities Michal Zalewski (Jul 06)
- Re: Linux kernel filesystem oddities Pavel Kankovsky (Jul 08)
- Re: Linux kernel filesystem oddities Jeffrey Hutzelman (Jul 09)
- dslip package David Kopstain (Jul 09)
- SLMail 3.0.2421 Stack Overflow... Aleph One (Jul 09)
- Linux kernel filesystem oddities Michal Zalewski (Jul 05)
- Re: SmurfLog 1.0 Bug Lord (Jul 10)
- Re: port 0 scanning Lamont Granquist (Jul 09)
- Regarding Mudge's OBP/FORTH root hack (PHRACK53) Jericho Nunn (Jul 10)
- Re: Regarding Mudge's OBP/FORTH root hack (PHRACK53) John W. Temples (Jul 11)
- Re: Regarding Mudge's OBP/FORTH root hack (PHRACK53) Casper Dik (Jul 13)
- Re: Regarding Mudge's OBP/FORTH root hack (PHRACK53) Gene Spafford (Jul 11)