Re: Security Anti Symlink Attack Patch for 2.1.71

Erik Corry (erik@arbat.com)
Mon, 8 Dec 1997 01:10:07 +0100 (MET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: linux kernel account: "Re: PC speaker patches & ext2 compression"
Previous message: linux kernel account: "Re: PnP in 2.2 ?"
Maybe in reply to: Christoph Lameter: "Security Anti Symlink Attack Patch for 2.1.71"
Next in thread: Christoph Lameter: "Re: Security Anti Symlink Attack Patch for 2.1.71"
Reply: Christoph Lameter: "Re: Security Anti Symlink Attack Patch for 2.1.71"

In article <Pine.LNX.3.96.971207123340.392A-100000@cyrix200.waterf.org> you wrote:
> 1. They cannot be absolute (i.e. they cannot begin with /)

> 2. They are not allowed to point to a higher directory
> (Maybe forbid ".." in symlinks?)

> Are there any reasons this would not work?

cd /tmp
mkdir myowndir
ln -s anything myowndir/anything

Now where do you want myowndir/anything to point to?

-- 
Erik Corry erik@arbat.com

Next message: linux kernel account: "Re: PC speaker patches & ext2 compression"
Previous message: linux kernel account: "Re: PnP in 2.2 ?"
Maybe in reply to: Christoph Lameter: "Security Anti Symlink Attack Patch for 2.1.71"
Next in thread: Christoph Lameter: "Re: Security Anti Symlink Attack Patch for 2.1.71"
Reply: Christoph Lameter: "Re: Security Anti Symlink Attack Patch for 2.1.71"