Re: Security Anti Symlink Attack Patch for 2.1.71

Rob Hagopian (hagopiar@vuser.vu.union.edu)
Sun, 7 Dec 1997 14:11:44 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: David Woodhouse: "Re: Working on better kerneld..."
Previous message: Eric: "TIOCNOTTY and TIOCSCTTY"
In reply to: Alan Cox: "Re: Security Anti Symlink Attack Patch for 2.1.71"
Next in thread: Christoph Lameter: "Re: Security Anti Symlink Attack Patch for 2.1.71"

On Sun, 7 Dec 1997, Alan Cox wrote:

> > The following patch was originaly for 2.0.32 by solar@false.com. I ported
> > it to 2.1.71 and separated it from another patch that came with it.
>
> This isnt a good fix in some ways. Firstly there are programs that depend upon
> symlinks in /tmp, secondly it doesnt seem to agree with the unix standard.

But _very_ few programs depend on symlinks in /tmp that they didn't create
(you'll note the patch does follow symlinks made by root) or hard links to
files they don't own. I have yet to find one, if you know of one, please
let me know!

I agree that it does break strict Unix semantics, so it should be a config
option, but I don't think that it should be excluded from the kernel for
this sole reason. After all, source routing can be turned off and that
breaks strict IPv4 semantics...
-Rob H.

Next message: David Woodhouse: "Re: Working on better kerneld..."
Previous message: Eric: "TIOCNOTTY and TIOCSCTTY"
In reply to: Alan Cox: "Re: Security Anti Symlink Attack Patch for 2.1.71"
Next in thread: Christoph Lameter: "Re: Security Anti Symlink Attack Patch for 2.1.71"