Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > muc.lists.netbsd.tech.security > #241

Re: Hard link creation witout write access

From RVP <rvp@SDF.ORG>
Newsgroups muc.lists.netbsd.tech.security
Subject Re: Hard link creation witout write access
Date 2023-09-07 12:20 +0000
Organization Newsgate at muc.de e.V.
Message-ID <454692df-41e0-5a86-e099-a869d5b8e61e@SDF.ORG> (permalink)

Show all headers | View raw

On Thu, Sep 7 2023, Mouse wrote:

> What issues?  The only one I can see is that it allows anyone who can
> write to any directory on that filesystem to cause the file to stick
> around after its original name is unlinked.
>

Then you can make private copies of setuid binaries which you can exploit
at your leisure--even after the sysadmin's installed a new version. :)

-RVP

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-admin@muc.de

Back to muc.lists.netbsd.tech.security | Previous | NextNext in thread | Find similar

Thread

Re: Hard link creation witout write access RVP <rvp@SDF.ORG> - 2023-09-07 12:20 +0000
  Re: Hard link creation witout write access Martin Husemann <martin@duskware.de> - 2023-09-07 15:20 +0200
  Re: Hard link creation witout write access RVP <rvp@SDF.ORG> - 2023-09-07 22:58 +0000

csiph-web