Re: Security Anti Symlink Attack Patch for 2.1.71

Christoph Lameter (chris@waterf.org)
Sun, 7 Dec 1997 16:22:24 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Andrea Arcangeli: "Re: 2.1.71 lp is not working again :-("
Previous message: linux kernel account: "[offtopic] Re: egcs & 2.0.32"
Next in thread: Boris Tobotras: "Re: Security Anti Symlink Attack Patch for 2.1.71"

Ok. Then I need to add condition 3 (which is already dealt with in the old
patch)

3. Symlinks established by other user except root in +t dirs are not
followed.

Hmm. This again gets much too complicated..... Anyone got better thoughts?

Maybe better stick with the posted patch?

On Mon, 8 Dec 1997, Erik Corry wrote:

>
> In article <Pine.LNX.3.96.971207123340.392A-100000@cyrix200.waterf.org> you wrote:
> > 1. They cannot be absolute (i.e. they cannot begin with /)
>
> > 2. They are not allowed to point to a higher directory
> > (Maybe forbid ".." in symlinks?)
>
> > Are there any reasons this would not work?
>
> cd /tmp
> mkdir myowndir
> ln -s anything myowndir/anything
>
> Now where do you want myowndir/anything to point to?

Next message: Andrea Arcangeli: "Re: 2.1.71 lp is not working again :-("
Previous message: linux kernel account: "[offtopic] Re: egcs & 2.0.32"
Next in thread: Boris Tobotras: "Re: Security Anti Symlink Attack Patch for 2.1.71"