Re: hard links create local DoS vulnerability and security problems

From: Ricky Beam
Date: Mon Nov 24 2003 - 18:32:08 EST

Next message: Jesse Barnes: "Re: [RFC] Simplify node/zone portion of page->flags"
Previous message: James Bottomley: "final SCSI updates (hopefully) for 2.6.0"
In reply to: Linus Torvalds: "Re: hard links create local DoS vulnerability and security problems"
Next in thread: John Bradford: "Re: hard links create local DoS vulnerability and security problems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 24 Nov 2003, Linus Torvalds wrote:
>Just do
>
> chmod ug-s file
>
>and you're done.
>
>If you delete the file first, you'll need roots help, but hey, be careful.

Heh, thus enters paranoia... patern fill the file (zero's will do), truncate,
'chmod 0', and *then* unlink it. Yeah, it's eating up an inode charged to
the user, but otherwise, no space and the contents are gone.

--Ricky

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jesse Barnes: "Re: [RFC] Simplify node/zone portion of page->flags"
Previous message: James Bottomley: "final SCSI updates (hopefully) for 2.6.0"
In reply to: Linus Torvalds: "Re: hard links create local DoS vulnerability and security problems"
Next in thread: John Bradford: "Re: hard links create local DoS vulnerability and security problems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]