Bugtraq: Re: Symlinks and Cryogenic Sleep

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Symlinks and Cryogenic Sleep

From: casper () HOLLAND SUN COM (Casper Dik)
Date: Tue, 4 Jan 2000 21:40:55 +0100

When
the application reaches the critical section of code between the
lstat and the open, you stop it by sending it a SIGSTOP. You record
the device and inode number of your /tmp file, remove it, and wait.


The ploy should fail right here: as far as I'm aware, this protection
only works on sticky directories.  In that case, it's not possible to
remove it.

Maybe I'm just naive, but it's my understanding that you cannot send signals
to a process you don't own unless you are root.


You can, but only from a terminal. (I.e., if you start su/passwd/rsh,
etc, you can ^Z them)

Casper

By Date By Thread

Current thread:

Symlinks and Cryogenic Sleep Olaf Kirch (Jan 03)
- Re: Symlinks and Cryogenic Sleep Mark A. Heilpern (Jan 03)
  - Re: Symlinks and Cryogenic Sleep Casper Dik (Jan 04)
  - Re: Symlinks and Cryogenic Sleep Olaf Kirch (Jan 04)
  - Re: Symlinks and Cryogenic Sleep Henrik Nordstrom (Jan 04)
- First Telecom E-conso service totally insecure Thomas Quinot (Jan 03)
- Re: Symlinks and Cryogenic Sleep Goetz Babin-Ebell (Jan 04)
  - Re: Symlinks and Cryogenic Sleep pedward () WEBCOM COM (Jan 04)