Bugtraq mailing list archives
Re: Fix for ssh-1.2.27 symlink/bind problem
From: rhialto () POLDER UBC KUN NL (Olaf Seibert)
Date: Mon, 4 Oct 1999 12:58:42 +0200
On Sat, 2 Oct 1999, Scott Gifford wrote:
+ /* OK, now we know we're in the directory we created. Nobody can + * rmdir() this because we are in it. Nobody besides root can have + * made a symlink in here, because they wouldn't have permission. + * Lookin' good... + **/
Actually, a directory *can* be rmdir()ed when it some process' current directory. You can try that with a couple of shells for instance. But once the directory is not empty, it cannot be rmdir()ed anymore. Perhaps you can use that fact to your advantage. On the other hand, if you're in an rmdir()ed directory, a chdir ("..") or a rename("somename", "../somename") also don't work, and it looks like even creation of new files or sockets will fail too, so this could probably be used as a detection after the fact. (all this on NetBSD 1.3.3) -Olaf. -- ___ Olaf 'Rhialto' Seibert - ___ Olaf 'Rhialto' Seibert - rhialto () polder ubc. -- If one tells the truth, \X/ .kun.nl -- one is, sooner or later, to be found out. (Oscar Wilde)
Current thread:
- (no subject), (continued)
- (no subject) Dennis Conrad (Oct 03)
- Re: Sample DOS against the Sambar HTTP-Server Steve (Oct 06)
- Re: Sample DOS against the Sambar HTTP-Server Dennis Conrad (Oct 08)
- Re: Sample DOS against the Sambar HTTP-Server syz (Oct 09)
- Re: Sample DOS against the Sambar HTTP-Server Steve (Oct 06)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Dan Astoorian (Sep 30)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Casper Dik (Oct 01)
- RFP9904: TeamTrack webserver vulnerability .rain.forest.puppy. (Oct 02)
- Fix for ssh-1.2.27 symlink/bind problem Scott Gifford (Oct 02)
- Re: Fix for ssh-1.2.27 symlink/bind problem Eivind Eklund (Oct 04)
- Re: Fix for ssh-1.2.27 symlink/bind problem Toomas Kiisk (Oct 05)
- Re: Fix for ssh-1.2.27 symlink/bind problem Olaf Seibert (Oct 04)
- Re: Fix for ssh-1.2.27 symlink/bind problem Dan Astoorian (Oct 05)
- Weakness In "The Matrix" Screensaver For Windows Boyce, Nick (Oct 04)
- Re: Weakness In "The Matrix" Screensaver For Windows Glenn Walker (Oct 05)
- (no subject) Dennis Conrad (Oct 03)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Chris Keane (Oct 01)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Sylvain Robitaille (Oct 04)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Dan Astoorian (Oct 04)
- FireWall-1 weakness? Rosner, D (Oct 04)
- WIn98 port security query Jay R. Ashworth (Oct 01)