Sometimes, (well; frequently) programs that create temporary
files let the filename depend on their PID. A hacker could use
that knowledge. So if you know that the application that
you're starting uses the last PID+1, you could make sure that
that file already exists or create a symlink with that name or
whatsoever causing the application you're starting to do
things it's not supposed to. Like forcing suid apps to create
a file in the startup-scripts dir. or something.
================================================
De informatie opgenomen in dit bericht kan vertrouwelijk zijn en
is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht
onterecht ontvangt, wordt u verzocht de inhoud niet te gebruiken en
de afzender direct te informeren door het bericht te retourneren.
================================================
The information contained in this message may be confidential
and is intended to be exclusively for the addressee. Should you
receive this message unintentionally, please do not use the contents
herein and notify the sender immediately by return e-mail.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/