User: Password:
Subscribe / Log in / New account

Standards, the kernel, and Postfix

Standards, the kernel, and Postfix

Posted Aug 21, 2008 15:34 UTC (Thu) by mb (subscriber, #50428)
In reply to: Standards, the kernel, and Postfix by rwmj
Parent article: Standards, the kernel, and Postfix

>>I find it a bit odd that a normal user can do things like this: ln /etc/shadow ~/myfile and
control where system files show up in the file system.
> Not just odd, but a security problem too. 

This is why the package manager tool, that replaces the application, should first remove all
read/write/exec permissions from the file before unlinking it. This way the hardlink won't be
usable by the attacker anymore, as he can't execute it anymore.
A call to revoke() might be needed, too, to close all currently open mmap(). I'm not sure on
that for regular files...

I don't know whether apt/rpm actually do this.

But udev, for example, uses this to avoid attacks on /dev files.

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds