|
Bugtraq
mailing list archives
Re: /proc filesystem allows bypassing directory permissions on
From: psz () maths usyd edu au
Date: Wed, 4 Nov 2009 10:17:13 +1100
"mount --bind" behaves like a hard link and it does not increment the link
count.
# touch /tmp/a
# mount --bind /etc/passwd /tmp/a
# ls -l /etc/passwd
-rw-r--r-- 1 root root 1990 2009-08-24 16:22 /etc/passwd
...
Two references to the same inode, yet the link count is 1 and /proc is
nowhere in the picture.
But, mount requires root (and root can do anything, including shooting
himself in the foot).
Cheers, Paul
Paul Szabo psz () maths usyd edu au http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia
 By Date 
By Thread
Current thread:
| 
