mailing list archives
Re: smbd remote file creation vulnerability
From: Phil Stracchino <alaric () babcom com>
Date: Wed, 27 Jun 2001 16:35:09 -0700
On Wed, Jun 27, 2001 at 12:42:52AM +0200, Wichert Akkerman wrote:
Previously Pavol Luptak wrote:
Linux kernels with openwall patch (with restricted links in /tmp) are
imunne to this type of attack (following symlinks does not work, link
owner does not match with file's owner).
If symlink don't work you can still use a hardlink though.
Which is yet another reason for making /tmp a separate filesystem.
Linux Now! ..........Because friends don't let friends use Microsoft.
phil stracchino -- the renaissance man -- mystic zen biker geek
alaric () babcom com halmayne () sourceforge net
2000 CBR929RR, 1991 VFR750F3 (foully murdered), 1986 VF500F (sold)
Re: smbd remote file creation vulnerability Fatal Connect (Jun 25)