Re: Security Anti Symlink Attack Patch for 2.1.71

Alan Cox (alan@lxorguk.ukuu.org.uk)
Sun, 7 Dec 1997 17:36:19 +0000 (GMT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Bill Hawes: "updated patch for 2.1.71 smbfs, smbclient"
Previous message: Alan Cox: "Re: poor nfs performance"
Next in thread: Rob Hagopian: "Re: Security Anti Symlink Attack Patch for 2.1.71"
Reply: Rob Hagopian: "Re: Security Anti Symlink Attack Patch for 2.1.71"
Reply: Christoph Lameter: "Re: Security Anti Symlink Attack Patch for 2.1.71"

> The following patch was originaly for 2.0.32 by solar@false.com. I ported
> it to 2.1.71 and separated it from another patch that came with it.

This isnt a good fix in some ways. Firstly there are programs that depend upon
symlinks in /tmp, secondly it doesnt seem to agree with the unix standard.

Thats not to say it isnt a good toy to have around on an insecure box, but
it shouldnt be a standard thing.

Alan

Next message: Bill Hawes: "updated patch for 2.1.71 smbfs, smbclient"
Previous message: Alan Cox: "Re: poor nfs performance"
Next in thread: Rob Hagopian: "Re: Security Anti Symlink Attack Patch for 2.1.71"
Reply: Rob Hagopian: "Re: Security Anti Symlink Attack Patch for 2.1.71"
Reply: Christoph Lameter: "Re: Security Anti Symlink Attack Patch for 2.1.71"