LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

"delete()" system call unnecessary ... for this case

"delete()" system call unnecessary ... for this case

Posted Aug 21, 2008 20:59 UTC (Thu) by AnswerGuy (guest, #1256)
In reply to: Standards, the kernel, and Postfix by epa
Parent article: Standards, the kernel, and Postfix 


 Actually the really savvy admin, or patch/fix script author, would perform  a sanity check on
files to be removed by the patch, opening it, fstat()ing  it, chmod() it to remove SUID/SGID
bits, unlink()ing it, and checking to ensure that the next fstat() returns a  link count of
zero.  If that fails (someone else has a hard link to it) then  over-write the file contents
with an program which does the following:

  * syslog()s the user and the command argument
  * optionally warns the user that they are attempting to use an out-dated version of the
program (and advising them against using hard links to system binaries in general?)
  * optionally wraps the new binary (execve()'s it) or exits

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds