On Wed, Jun 27, 2001 at 12:42:52AM +0200, Wichert Akkerman wrote: > Previously Pavol Luptak wrote: > > Linux kernels with openwall patch (with restricted links in /tmp) are > > imunne to this type of attack (following symlinks does not work, link > > owner does not match with file's owner). > > If symlink don't work you can still use a hardlink though. Note that the same option in the OpenWall patch also prevents the creation of hardlinks to files that you don't own. -- Steve Beattie Don't trust programmers? <[EMAIL PROTECTED]> Complete StackGuard distro at http://immunix.org/~steve/ immunix.org
- Re: smbd remote file creation vulnerability Pavol Luptak
- Re: smbd remote file creation vulnerabi... Tomek Lipski
- Re: smbd remote file creation vulnerabi... Jarno Huuskonen
- Re: smbd remote file creation vulne... Pavol Luptak
- Re: smbd remote file creation v... Simple Nomad
- Re: smbd remote file creat... Olaf Kirch
- Re: smbd remote file c... Simple Nomad
- Re: smbd remote file creation vulnerabi... Wichert Akkerman
- Re: smbd remote file creation vulne... Michal Zalewski
- Re: smbd remote file creation vulne... Phil Stracchino
- Re: smbd remote file creation vulne... Steve Beattie
- Re: smbd remote file creation vulnerabi... Joachim Blaabjerg
- Re: smbd remote file creation vulne... Michal Zalewski
- Re: smbd remote file creation vulne... sarnold
- Re: smbd remote file creation vulnerability Fatal Connect
- Re: smbd remote file creation vulnerability Joseph Nicholas Yarbrough
- Re: smbd remote file creation vulnerability Christopher William Palow
- Re: smbd remote file creation vulnerability Dan Stromberg
- Re: smbd remote file creation vulnerability Daniel Jacobowitz
