From: Mathieu Chouquet-Stringer <mathieu@newview.com>
To: Valdis.Kletnieks@vt.edu
Cc: splite@purdue.edu, root@chaos.analogic.com, linux-kernel@vger.kernel.org
Subject: Re: hard links create local DoS vulnerability and security proble
Date: 24 Nov 2003 14:25:31 -0500 [thread overview]
Message-ID: <xltptfhd0wk.fsf@shookay.newview.com> (raw)
In-Reply-To: <200311241829.hAOITdKL014364@turing-police.cc.vt.edu>
Valdis.Kletnieks@vt.edu writes:
> mkdir ~/bin
> chmod 700 ~/bin
> cat > ~/bin/show-me
> #!/bin/sh
> whoami
> ^D
> chmod 4755 ~/bin/show-me
>
> No separate partitions needed.
It's always been my understanding that you cannot have suid shell script
because you could easily change the IFS. Am i wrong? (
--
Mathieu Chouquet-Stringer E-Mail : mathieu@newview.com
Never attribute to malice that which can be adequately
explained by stupidity.
-- Hanlon's Razor --
next prev parent reply other threads:[~2003-11-24 19:26 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-11-24 16:36 hard links create local DoS vulnerability and security problems Jakob Lell
2003-11-24 17:05 ` Måns Rullgård
2003-11-24 20:42 ` Mike Fedyk
2003-11-24 17:14 ` Richard B. Johnson
2003-11-24 17:35 ` Jamie Lokier
2003-11-24 18:57 ` aic7xxx loading oops in 2.6.0-test10 Alexander Nyberg
2003-11-24 20:03 ` Ken Witherow
[not found] ` <Pine.LNX.4.58.0311241524310.1245@morpheus>
2003-11-24 20:49 ` Ken Witherow
2003-11-24 23:42 ` Dick Streefland
2003-11-25 3:16 ` hard links create local DoS vulnerability and security problems Matthias Andree
2003-11-25 14:48 ` Jan Kara
2003-11-25 15:27 ` Jakob Lell
2003-11-24 17:37 ` Rudo Thomas
2003-11-24 18:10 ` Richard B. Johnson
2003-11-24 18:22 ` Valdis.Kletnieks
2003-11-24 22:17 ` [OT] " Rudo Thomas
2003-11-24 17:57 ` Jakob Lell
2003-11-24 18:08 ` splite
2003-11-24 18:13 ` Richard B. Johnson
2003-11-24 18:24 ` Jakob Lell
2003-11-24 23:57 ` bill davidsen
2003-11-24 18:18 ` Jakob Lell
2003-11-24 18:29 ` Valdis.Kletnieks
2003-11-24 19:25 ` Mathieu Chouquet-Stringer [this message]
2003-11-24 20:00 ` hard links create local DoS vulnerability and security proble Valdis.Kletnieks
2003-11-24 20:02 ` Mathieu Chouquet-Stringer
2003-11-24 20:22 ` H. Peter Anvin
2003-11-24 18:21 ` hard links create local DoS vulnerability and security problems Michael Buesch
2003-11-24 18:35 ` Jakob Lell
2003-11-24 18:53 ` Chris Wright
2003-11-25 0:04 ` bill davidsen
2003-11-25 13:54 ` Jesse Pollard
2003-11-24 23:50 ` bill davidsen
2003-11-25 0:22 ` Mike Fedyk
2003-11-25 0:35 ` Chris Wright
2003-11-25 8:15 ` Amon Ott
2003-11-25 16:11 ` Bill Davidsen
2003-11-25 11:26 ` Gianni Tedesco
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xltptfhd0wk.fsf@shookay.newview.com \
--to=mathieu@newview.com \
--cc=Valdis.Kletnieks@vt.edu \
--cc=linux-kernel@vger.kernel.org \
--cc=root@chaos.analogic.com \
--cc=splite@purdue.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.