public inbox for linux-kernel@vger.kernel.org
* CAN-2001-1551
@ 2005-09-18  9:12 Florian Weimer
From: Florian Weimer @ 2005-09-18  9:12 UTC (permalink / raw)
  To: linux-kernel

Has this issue been fixed?  Or is this not a kernel bug?

| From: Wojciech Purczyński (wpsupermedia.pl)
| Date: Mon Oct 22 2001 - 03:43:13 CDT
| 
| Almost any suid binary may be used to create large files overriding quota
| limits.
| 
| When a setuid-root binary inherits file descriptors from a user process it may
| write to them without respecting the quota restrictions. This is because
| the suid process has the CAP_SYS_RESOURCE effective capability enabled during
| writing to the file. Quota does not know anything about who opened the file
| descriptor and checks the current process's privileges only. This is a bug in
| the kernel and not in those setuid-root binaries.

<http://archives.neohapsis.com/archives/bugtraq/2001-10/0179.html>
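
The check described in the quoted advisory, as an added user-space model that is not part of the original post and is not kernel code. All struct and function names are hypothetical, and the opener-based policy is only an illustrative alternative, not a statement of how the kernel behaves.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model; every name here is hypothetical, not a kernel symbol. */
struct cred  { unsigned uid; bool cap_sys_resource; };
struct quota { unsigned uid; long used; long hard_limit; };
struct file  { struct cred opener; struct quota *owner_quota; };

/* Behaviour the advisory describes: only the writing process is consulted. */
static bool may_exceed_by_writer(const struct file *f, const struct cred *writer)
{
    (void)f;
    return writer->cap_sys_resource;
}

/* Illustrative alternative: consult the credentials recorded at open time. */
static bool may_exceed_by_opener(const struct file *f, const struct cred *writer)
{
    (void)writer;
    return f->opener.cap_sys_resource;
}

typedef bool (*policy_fn)(const struct file *, const struct cred *);

/* Charge len bytes to the file owner's quota; returns bytes accepted. */
static long quota_write(struct file *f, const struct cred *writer,
                        long len, policy_fn may_exceed)
{
    struct quota *q = f->owner_quota;
    if (q->used + len > q->hard_limit && !may_exceed(f, writer))
        return 0;                       /* models a quota-exceeded error */
    q->used += len;
    return len;
}

/* Constructed scenario: a user opens a file near their limit, then a
 * setuid-root program inherits the descriptor and writes 50 units to it. */
static long run_scenario(policy_fn policy)
{
    struct quota q = { .uid = 1000, .used = 90, .hard_limit = 100 };
    struct cred user = { .uid = 1000, .cap_sys_resource = false };
    struct cred suid = { .uid = 1000, .cap_sys_resource = true };
    struct file f = { .opener = user, .owner_quota = &q };
    quota_write(&f, &suid, 50, policy);
    return q.used;                      /* usage charged to uid 1000 */
}

int main(void)
{
    printf("writer-based check: used=%ld of 100\n", run_scenario(may_exceed_by_writer));
    printf("opener-based check: used=%ld of 100\n", run_scenario(may_exceed_by_opener));
    return 0;
}
```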
