Home page logo

bugtraq logo Bugtraq mailing list archives

Re: /proc filesystem allows bypassing directory permissions on Linux
From: Pavel Kankovsky <peak () argo troja mff cuni cz>
Date: Mon, 26 Oct 2009 12:24:03 +0100 (CET)

On Sun, 25 Oct 2009, Pavel Kankovsky wrote:

pavel might have detected this attack if he checked the number of
hardlinks on "unwritable_file"  between the chmod's. But he did not
check that.

I stand corrected. He did it--in a comment:

# check link count on unwritable_file. We would not want someone 
# to have a hard link to work around our permissions, would we?

Pavel Kankovsky aka Peak                          / Jeremiah 9:21        \
"For death is come up into our MS Windows(tm)..." \ 21st century edition /

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]