Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: A vulnerability in Lynx (all versions)
From: bluca () comedia it (Luca Berra)
Date: Tue, 6 May 1997 13:57:55 +0200

Actually, for those out there running linux, someone
(Andrew tridgell if i remember correctly)
wrote a kernel patch to completely disable symlinks in
tmp attacks.
basically it does not follow any symlinks (in directories
with the sticky bit set) if the owner of the link is different
than the owner of the target.

i think something like this should be implemented in
other OSes as well.

Regards
        Luca

--
Luca Berra -- bluca () comedia it
        System and Network Manager - CoMedia s.r.l.
           PGP Public key available via finger

  By Date           By Thread  

Current thread:
  • Re: A vulnerability in Lynx (all versions) Luca Berra (May 06)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]