Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: File system recursion and symlinks: A never-ending story (and how to bring it to an end for me)
From: Andrew Farmer <andfarm () gmail com>
Date: Mon, 30 May 2011 17:09:38 -0700

On 2011-05-30, at 16:27, coderman wrote:
On Mon, May 30, 2011 at 6:56 AM, halfdog <me () halfdog net> wrote:

It seems that quite a few backup applications are (or were) vulnerable
to special combined symlink/timing attacks on pathname components before
the last one (so O_NOFOLLOW does not help).
...
Please let me know, if ... you
have good reason, that the kernel interface is not the point, where this
issue could be addressed most efficiently.

use lvm snapshots for backups, either directly at volume level or
mounting a read-only snapshot and running backup over that static
filesystem state.

LVM snapshots have some nasty gotchas, though:

https://bugs.launchpad.net/lvm2/+bug/360237

They also don't solve the problem of restoring a fragment of data (e.g, a single accidentally deleted file) from a 
backup in an untrustworthy environment.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault