Call for review: restricted hardlinks.

Pawel Jakub Dawidek pjd at FreeBSD.org
Tue Mar 9 01:23:18 PST 2004


On Tue, Mar 09, 2004 at 09:16:39AM +0100, Cédric Devillers wrote:
+> If you create several partitions (/var, /usr, /home), this problem is
+> resolved. Generally, in /usr, there is no directory writable by all.
+> If you have a partition for /usr, no hard link to a set-uid binary (in
+> the /usr tree) is possible.

Believe me, I'm aware of this.
This "issue" can be used for other purposes as well.

	% ln /home/<user>/important_file ~/i_cannot_read_it_now_but_maybe_some_day_i_will_compromise_this_machine

Anyway, it is turned off by default and there is no need to use it at all.

-- 
Pawel Jakub Dawidek                       http://www.FreeBSD.org
pjd at FreeBSD.org                           http://garage.freebsd.pl
FreeBSD committer                         Am I Evil? Yes, I Am!
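
An added example, not part of the original message or of the patch under review: a defender-side audit that walks a user-writable tree and reports regular files with more than one link that are set-uid/set-gid or not owned by the directory's owner, the two cases raised in this thread. The function names and the temporary directory layout are constructed for illustration.

```python
import os
import stat
import tempfile


def find_risky_hardlinks(root):
    """Return sorted (path, reasons) for multiply-linked regular files under
    root that are set-uid/set-gid or owned by someone other than the owner
    of the directory that contains them."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        dir_uid = os.lstat(dirpath).st_uid
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: never follow symlinks
            except OSError:
                continue  # file vanished or is unreadable; skip it
            if not stat.S_ISREG(st.st_mode) or st.st_nlink < 2:
                continue  # only regular files with an extra name matter
            reasons = []
            if st.st_mode & (stat.S_ISUID | stat.S_ISGID):
                reasons.append("setid")
            if st.st_uid != dir_uid:
                reasons.append("foreign-owner")
            if reasons:
                findings.append((path, reasons))
    return sorted(findings)


def demo():
    """Constructed layout: a set-uid file in one directory, linked into a
    second directory on the same filesystem, plus an unrelated plain file."""
    with tempfile.TemporaryDirectory() as top:
        bindir = os.path.join(top, "usr_bin")
        home = os.path.join(top, "home_user")
        os.mkdir(bindir)
        os.mkdir(home)
        tool = os.path.join(bindir, "tool")
        with open(tool, "w") as fh:
            fh.write("placeholder\n")
        os.chmod(tool, 0o4755)  # mark the sample file set-uid
        os.link(tool, os.path.join(home, "kept_copy"))
        with open(os.path.join(home, "notes.txt"), "w") as fh:
            fh.write("single link, ignored\n")
        return [(os.path.relpath(p, top), r)
                for p, r in find_risky_hardlinks(home)]


if __name__ == "__main__":
    for path, reasons in demo():
        print(path, ",".join(reasons))
```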