Re: Security Anti Symlink Attack Patch for 2.1.71

Boris Tobotras (tobotras@jet.msk.su)
Mon, 08 Dec 1997 09:21:01 +0300


On Sun, 07 Dec 1997 17:36:19 GMT, Alan Cox wrote:

> > The following patch was originally for 2.0.32 by solar@false.com. I ported
> > it to 2.1.71 and separated it from another patch that came with it.
>
> This isn't a good fix in some ways. Firstly there are programs that depend upon
> symlinks in /tmp, secondly it doesn't seem to agree with the unix standard.
>
> That's not to say it isn't a good toy to have around on an insecure box, but
> it shouldn't be a standard thing.

Why not? MANY people are going to enable it if it were in the stock
kernel. Why not make this and the non-executable stack (at least)
compile-time options (turned off by default, that's nice)?

-- 
	Best regards, -- Boris.
	"An NT server can be run by an idiot, and usually is." -- Tom Holub