Home page logo

bugtraq logo Bugtraq mailing list archives

Re: /proc filesystem allows bypassing directory permissions on Linux
From: Ansgar Wiechers <bugtraq () planetcobalt net>
Date: Mon, 26 Oct 2009 19:37:38 +0100

On 2009-10-24 Derek Martin wrote:
1. It circumvents the fact that to write to a file, you MUST be able
to write to its directory, so that the file attributes can be updated.

Wrong, because the file's attributes aren't stored in the directory, but
in the respective inode.

Ansgar Wiechers
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]