[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: hard links on Linux create local DoS vulnerability and security problems

To: Bruno Lustosa <bruno@lustosa.net>
Subject: Re: hard links on Linux create local DoS vulnerability and security problems
From: "David F. Skoll" <dfs@roaringpenguin.com>
Date: Mon, 24 Nov 2003 13:57:12 -0500 (EST)

On Mon, 24 Nov 2003, Bruno Lustosa wrote:

> Just checked this on 2.6.0-test9, and it will not work.

[Keeping SUID bits by making a hard link.]

This is true even on ancient version of Linux and UNIX.

A hard link just contains a name and an inode number.  The permissions
are stored in the inode, so all hard links share the same permissions,
owner, etc.

--
David.

References:
- hard links on Linux create local DoS vulnerability and security problems
  - From: Jakob Lell <jlell@JakobLell.de>
- Re: hard links on Linux create local DoS vulnerability and security problems
  - From: Bruno Lustosa <bruno@lustosa.net>

Prev by Date: Re: [Full-Disclosure] hard links on Linux create local DoS vulnerability and security problems
Next by Date: GLSA: glibc (200311-05)
Previous by thread: Re: hard links on Linux create local DoS vulnerability and security problems
Next by thread: Re: hard links on Linux create local DoS vulnerability and security problems
Index(es):
- Date
- Thread