Re: Security question: "Text file busy" overwriting executables but

Linus Torvalds (torvalds@transmeta.com)
Fri, 5 Oct 2001 09:58:04 -0700 (PDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alan Cox: "Re: 3ware discontinuing the Escalade Series"
Previous message: Larry McVoy: "Re: 3ware discontinuing the Escalade Series"

On 5 Oct 2001, Eric W. Biederman wrote:
> > The MAP_DENYWRITE rule was added a long time ago because people found actual
> > workable DoS attacks
>
> Do you have any details. I would like to figure out what it takes to
> export MAP_DENYWRITE safely to userspace.

I think it literally was /var/run/[uw]tmp, and using MAP_DENYWRITE to
disable all logins.

But it pretty much covers _any_ logfiles that are readable (and thus
openable) by users.

> Currently checking to see if the file is executable looks good
> enough.

[ executable by the user in question, not just anybody ]

Yes, I suspect it is.

> The fix for bad permission (during a DOS attack) is either:
> chmod correct_permissions foo
> lsof foo | xargs kill

Well, if you cannot log in as root, it doesn't much matter what the "fix"
is, so it's better to be safe than sorry.

Linus

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alan Cox: "Re: 3ware discontinuing the Escalade Series"
Previous message: Larry McVoy: "Re: 3ware discontinuing the Escalade Series"