On 18/06/2010, at 8:02 AM, Leif Walsh wrote: > On Thu, Jun 17, 2010 at 2:54 PM, Sean <s...@gothic.net.au> wrote: >> Easy. >> Create a symlink etc, to /etc >> Create a file etc/passwd containing whatever you want. > > This could be an artifact of coming from the Linux world and knowing > little about the BSD kernel (and I should probably lurk a bit longer > before posting on a new list), but wouldn't the symlink resolve and > result in a totally new chain of lookup/permissions calls? I don't > see how making a symlink to a location allows you to change the > permissions of that location just by changing the permissions of the > symlink. >
It only works if the user extracting already has permission to write there anyway. It's a means of taking advantage of a privileged user who extracts the tar. > -- > Cheers, > Leif _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
